Detection Management Cyber Security Engineer (DoD Secret Clearance) Job at MartinFed, Houston, TX

  • MartinFed
  • Houston, TX

Job Description

COMPANY OVERVIEW

Founded in 2007 in Huntsville, AL, MartinFed provides the U.S. government with customer-focused, performance-based solutions using technology and an empowered workforce as an engine to drive its customers' missions. Our goal is to attract the best and brightest within their field.

We invest in our people because they are our greatest asset. They cultivate our purpose, embody and reflect our core values, and define our culture. MartinFed's core values that set us apart are the following:
  • Be Driven - We are fueled by the hunger to learn more and do more.
  • Be Curious - We engage in continuous improvement - never accepting the status quo.
  • Be Humble - We seek honest feedback to strengthen our relationships.
  • Pursue Excellence - We strive to achieve extraordinary results and do not settle for mediocrity.
Strive for excellence and consider joining our growing team today!

JOB OVERVIEW

MartinFed is seeking a subject matter expert to join our growing team in supporting NASA's Security Operations Center (SOC) at either Johnson Space Center in Houston, TX or Marshall Space Flight Center in Huntsville, AL. The NASA Security Operations Center provides 24x7x365 security detection, monitoring and analysis of the NASA IT environment. As a member of our SOC Team, you will be responsible for enhancing the detection capabilities for the SOC to catch advanced threats by leveraging the TTPs of threat actors, and building advanced SIEM correlation use cases and reporting.

ESSENTIAL FUNCTIONS
  • Develop advanced SIEM correlation rules to detect new threats.
  • Create SIEM reports that will provide value to key Service Contracts.
  • Review open and closed sources of threat intelligence for information that can be used.
  • Create Threat Intelligence Reports on a quarterly basis for NASA Clients.
  • Manage and tune the scripts that drive NASA TIP (Threat Intelligence Profiler) integrated with the Splunk ES multi-tenant SIEM.
  • Provide resolutions to filtering requests and content enhancements requested by NASA clients.
  • Create technical documentation around the content deployed to a multi-tenant SIEM.
  • Monitor the impact of deploying new content to the health and performance of the multi-tenant SIEM.
  • Perform deep dives in SIEM dashboards and channels to discover new threats that are beyond current detection capabilities.
  • Assist in content development for current and future Professional Service Contracts.
  • Represent NASA Operations during SIEM use case development meetings and Client calls.
  • Test and distribute new SIEM content to the multi-tenant SIEM.
  • Process and analyze collected information to identify threats and vulnerabilities that could impact the environment.
QUALIFICATIONS
  • United States Citizen with a DoD Secret Clearance or higher.
  • Bachelor's degree in a systems administration, networking, or technical field such as computer science or engineering, or equivalent work experience.
  • At least one year of experience in content development with SIEM technology.
  • At least one year of experience as an Analyst in a Security Operations Center.
  • 2+ years of practical experience with security technologies like SIEM, firewalls, IDS/IPS, and vulnerability management.
  • A solid understanding of the current threat landscape including knowledge of different threat actor profiles.
  • Excellent communication skills.
  • Ability to work in a dynamic and rapidly changing environment.
  • Must be able to obtain / maintain a security clearance at the Secret level. Active Secret clearance is highly desired. US Citizenship is a requirement for Secret clearance at this location.
  • Able to operate collectively within a small team, sometimes with minimal oversight.

DESIRED QUALIFICATIONS
  • Master's Degree in Computer Science or related technical field.
  • Holds an intermediate level, industry recognized, certification (GCIA/GCIH/GCFA/GNFA/GCTI/GREM)
  • 3+ years of experience in a threat intelligence, cyber threat intelligence role, pen-testing, or development of SIEM dashboards.
  • Solid understanding of threats reported by various data sources such as IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
  • Solid understanding of various SIEM concepts such as correlation, aggregation, normalization, and parsing
  • Solid understanding of the MITRE ATT&CK Framework and its implementation into a threat/detection platform
  • Strong scripting capabilities (Python, PowerShell, Bash, Shell).
  • Preferred TS/SCI clearance, but only SECRET is required.
  • Experience operating in classified environments.

PHYSICAL REQUIREMENTS & ENVIRONMENTAL CONDITIONS
  • Inside office environment requires 100% on-site work at Johnson Space Center in Houston, TX
  • Working on a computer for long periods of time.
  • May involve long periods of sitting at a desk.
  • Work must be performed on-site.
  • The work environment is fast-paced and sometimes involves extreme deadline pressures.

OTHER DUTIES

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

If you are a qualified individual with a disability or disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access MartinFederal's current openings as a result of your disability. You can request reasonable accommodations by calling 855.212.1810. Thank you for your interest in MartinFederal Consulting.

Please Note: All positions at MartinFed are contingent upon passing both a background check and drug screening prior to a start date and are subject to random drug screenings during the employment period. In addition, MartinFed is an E-Verify employer.
