DirectViz Solutions is a high-level, strategic consulting services firm that meets mission IT needs for government customers. We are hiring a Lead Content Designer for a new 5 opportunity. This position is located in Herndon, VA. and requires a Secret clearance. Lead Content Designer-Cyber Qualifications: * Must have extensive experience: * working with security methodologies and processes within Security Operations Centers supporting medium-large enterprises. * Configuring and managing technical security solutions * Configuring, designing, and testing security dashboards and alerting within SEIM technologies to include data modeling, custom alert notification, and dash-boarding supporting the full lifecycle of content (conception, creation, testing, documentation, implementation, tuning) * Analyzing, trending, and filtering of security log data from a large number of disparate security devices to include, FW's, IPS/IDS, Host, Load Balancers, and other security / monitoring solutions. * Utilizing and writing custom signatures within Intrusion Detection and Prevention systems. * Must have experience: * With Cyber Kill Chain and synthesizing the attack life cycle * SOP development and updating along with training new SOP's * Implementing SOC processes and SOP's * Mentoring Junior and mid Analysts * Expertise in developing custom SPL using macros, lookups and network signatures * Identifying/creating and utilizing IOCs * Utilizing Network traffic indicators to identify anomalous user activity associated with lateral movement within an enterprise * Utilizing regex for direct pattern matching * Utilizing network security tools and SIEM technologies * Automation and security orchestration tools to support Incident Response * Cloud security monitoring and threat landscape * Endpoint security tools (AV, Threat Detection, protection) * Must have demonstrable knowledge of: * Network ports and protocols (TCP, UDP, HTTP, SMTP, DNS) * Network security devices (FW, IDS/IPS, Proxy, Email Filtration, DNS, etc.) * Common host and web application attacks and countermeasures against those attacks * Intel frameworks to include cyber kill chain and Mitre ATT&CK * APT capabilities and ability to implement appropriate detection measures or counter measures * Experience : At least five years of experience working as a senior analyst within Medium-Large Enterprise Security Operations Centers * Hours : 8:00 AM - 5:00 PM. Actual hours may vary depending on mission requirements. * Certification : One of the following certifications is required: * CISSP * GCIH * GCFA * GPEN * GWAPT * GCIA * Or equivalent Applicants may be required to show proof of a COVID-19 Vaccination Record Card to be eligible for employment at some work sites. DirectViz Solutions, LLC provides equal employment opportunity to all individuals regardless of race, color, creed, religion, gender, age, sexual orientation, national origin or ancestry, disability, genetic information, veteran status, gender identification or any other characteristic protected by state, federal or local law.