ResponsibilitiesPeraton is seeking an experienced
CIRT Tier 1 Analyst to join Peratons' Federal Strategic Cyber Mission program.
Location: Beltsville, MD and Rosslyn, VA
Work Hours: 0600 - 1400 EST, SUN-THU
In this role, you will:- Detect, classify, process, track, and report on cyber security events and incidents
- Perform triage of incoming alerts and requests in a 24x7x365 environment
- Monitor and triage the CIRT hotline, email inboxes, and fax
- Create tickets and initiate workflows as instructed in SOPs
- Triage Splunk Enterprise Security (ES) Alerts and Microsoft Defender for Endpoint (MDE) Alerts
- Identify and triage benign, spam, exercise, and malicious phishing email
- Perform binary artifact triage to understand malware behavior
- Coordinate and collaborate with Department teams as needed to analyze and respond to events and incidents
- Report incident information to the Cybersecurity and Infrastructure Security Agency (CISA)
- Collaborate with other local, national and international CIRTs as directed
- Deliver and oversee remediation activities
- Conduct shift change briefs
QualificationsRequired:- Bachelor's degree and at least 2 years of experience or a High School diploma and 6 years of experience.
- Must possess or be able to obtain at least one of the following certifications before start date. Continued certification required as a condition of employment:
- CCNA-Security
CND
CySA+
GICSP
GSEC
Security+ CE
SSCP
- U.S. Citizenship required.
- Active Secret security clearance required in order to start.
- Knowledge of ticketing systems (i.e. ServiceNow, Remedy)
- Knowledge of computer networking protocols and principles
- Knowledge of cybersecurity principles, practices, threats, and vulnerabilities
- Knowledge of incident response principles and practices
- Skill in critical thinking by evaluating information and making independent decisions
- Demonstrated ability to work autonomously while taking initiative on assigned responsibilities
- Ability to follow established procedures and written guidance with precision and attention to detail
- Skill in taking ownership of problems and seeing them through to completion
Preferred Qualifications- Experience with Splunk for security monitoring and alert triage
- Knowledge of Microsoft Defender for Endpoint for security monitoring and response
- Experience with ServiceNow for ticketing and workflow management
- Knowledge of cloud security monitoring fundamentals
- Experience with email security and phishing analysis
- Knowledge of the MITRE ATT&CK framework
- Familiarity with PowerShell and basic scripting concepts
Target Salary Range$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
