Cyber Watch Analyst

MacAulayBrown

Fairfax, VA

5 - 7 years

Posted 180 days ago

This job is no longer available.

Candidate will be required to install, support, maintain and monitor IT Storage Area Network (SAN) infrastructure for reliability and uptime. Candidate will be required to architect, design, implement and maintain complex enterprise SANs and data backup recovery systems. In collaboration with other architecture and engineering teams (systems engineering, database administration, network operations and applications development), analyze and design enterprise storage systems used for customer data management, high transaction database processing and storage. Working with other team members, analyze and translate business requirements into a solution design for new installations or upgrades to existing platforms. Manage and provide operational support of data availability and retention systems such as server and SAN based backups and enterprise level backup solutions.

Selected candidate will work a 12-hour shift on the Computer Incident Response Team (CIRT) Watch Floor. 

  • Position is shift work with varying schedules by week.
  • Collaborate between CIRT elements as necessary during incident detection and response stages
  • Respond promptly to all requests for support, whether telephonic, via e-mail or instant messenger
  • Create releasable finished intelligence products and reports for the IC as well as IC Senior Leadership
  • Maintain incident case management database for all reported incidents
  • Analyze incidents and events captured in the Case Management Database for trends, patterns, or actionable information
  • Review incidents and events captured in the Case Management Database after closure for investigative sufficiency and timeliness
  • Leverage existing business processes and where necessary define and document new repeatable business processes and procedures
  • Research external information on events, incidents, outages, threats, and technical vulnerabilities
  • Coordinate and disseminate the best course of action for the IC enterprise during cybersecurity events, incidents, outages, threats and technical vulnerabilities with IC-IRC fusion analysis team
  • Assess incidents to identify type of attack, estimate impact, and collect evidence 
  • Candidate must be a US citizen and have a current TS/SCI and poly.


  • Bachelor's in Cybersecurity, Information Security, Information Technology, Computer Science/Engineering, Network Engineering, or Computer forensics.
  • Minimum 1 year experience in 3 or more of the following: technical analysis, network engineering, network security, and offensive experience, technical collection, penetration testing, "red teaming" and computer exploitation.
  • Minimum 6 months experience working with Security incident and event management
  • Minimum 6 months experience working within a Security or Network Operations Center
  • Proficient in at least one of the following tools/techniques: HP OpenView, FireEye, SolarWinds, ArcSight, Websense
  • Bachelor's Degree equivalent - Minimum of 4 years of experience in Cybersecurity, Information Security, Information Assurance, and Information Technology, Electrical Engineering, Network Engineering, Computer Science/Engineering, Computer Forensics, or related technical field. Experience used as equivalency for college degree must be in addition to other experience requirements.
  • Candidate must be a US citizen and have a current TS/SCI clearance and a Poly.

Desired Qualifications:

  • Relevant Certifications: CISSP, CCFP, CCSP, CEH, GCFS, GCIA.