logo

View all jobs

Cyber Security Analyst (TS/SCI Rquirement)

Arlington, Virginia
Job Description
We are seeking a Cyber Security Analyst. This position provides 24x7 cybersecurity monitoring and analysis services for Department of Defense networks above the SECRET level. This includes performing real-time cyber threat intelligence analysis, correlating actionable security events, performing network traffic analysis using raw packet data, and participating in the coordination of resources during the incident response process.
  • Review DoD and open source intelligence for threats and to identify Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs
  • Utilize alerts from endpoints, IDS/IPS, netflow, and custom sensors to identify compromises on customer networks/endpoints
  • Review massive log files, pivot between data sets, and correlate evidence for incident investigations
  • Triage alerts to identify malicious actors on customer networks
  • Report incidents to customers and USCYBERCOM
Qualifications
  • Bachelor's Degree and 4+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of a degree.
  • Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings
  • DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.
  • DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification is required within 180 days of hire.
  • Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain and an ability to think and work independently
  • Bachelor's degree and less than 2+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
  • Strong analytical and troubleshooting skills
  • Willing to perform shift work
  • Must be a US Citizen
  • Must have an active DoD TOP Secret security w/ SCI clearance eligibility.
Preferred Qualifications:
  • CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
  • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, Full Packet Capture), and other attack artifacts in support of incident investigations.
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic).
  • Experience and proficiency with any of the following: Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.
  • Experience with malware analysis concepts and methods.
  • Unix/Linux command line experience.
  • Scripting and programming experience.
  • Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
  • Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chain methodology.
  • Existing 8570 CSSP Analyst Certifications (CEH), CySA+ etc.
Clearance Level: TSSCI
Certifications: IAT Level II Baseline Certification
 

Share This Job

Powered by