Defensive Cyber Operations Analyst who will perform continuous system monitoring to identify malicious cyber-attacks while supporting the containment and remediation of IT threats. Additionally, this position will monitor networks and applications to identify possible cyber-attacks or intrusions and help coordinate and report on cyber incident responses.
Key Responsibilities:
- Vulnerability Management actions, including providing recommendations and implementing mitigations
- Active monitoring of Defensive Cyber Operations (DCO) systems
- Conduct intrusion analysis and correlation of unauthorized activities; provide and implement recommendations to improve customer mitigation processes
- Perform threat insight processes to provide analysis to support mitigation and remediation activities
- Analyze cyber incidents, correlate incident details, and formulate and implement response actions with guidance from leadership
- Participate in Root Cause Analysis process and documentation capturing efforts taken to mitigate unauthorized actions
- Participate in the development of DCO tactics, techniques, and procedures
- Participate in the development of DCO concept of operations, processes, and procedures
- Identify security discrepancies and report and respond to security incidents
- Provide research and analysis in support of expanding programs and areas of responsibility
- Draft documentation for briefings, reports, and informational analyses
- Assist in the development of local Tactics, Techniques, and Procedures (TTPs)
- Participate in customer exercises (after duty hours may be required)
- Adhere to defined policies, master plans and schedules
- Perform all other duties as required, consistent with the goals, objectives, and responsibilities of the department
Required Qualifications:
- 4+ years of relevant experience
- 2+ years of experience with a SIEM Tool (LogRhythm, Splunk)
- 2+ years of experience with employment of DoD cybersecurity requirements, policies, and procedures to include assessment and authorization activities
- Experience within a vSOC, SOC, or CSSP responding to cyber incidents
- Bachelor's degree in Computer Science, Information Technology, or a related field
- US Citizenship and an active Secret security clearance required
Desired Qualifications:
- Experience performing cybersecurity activities in support of software and system requirements, design, development, testing, and sustainment
- Department of Defense Directive (DoDD) 8140 (formerly DoDD 8570) IAT CSSP Certification must be obtained prior to hire (CEH, CCNA Security, GCIH, CySA+ or Equivalent)
- Experience with HBSS, ACAS, SCAP Compliance Checker (SCC), DISA STIGs
- Working knowledge of NIST 800-53 Security and Privacy Controls
- Experience with RHEL
- Experience in performing post-incident computer forensics without destruction of critical data
- Ability to provide guidance on DoD Cyber regulations and requirements to engineering and software development staff
The salary range for this position is estimated to be between $100,000.00 and $145,000.00, commensurate with experience and technical skillset.
We are strictly looking for direct, full-time W2 employees. We do not engage with third-party staffing agencies, C2C, or 1099 independent contractors for this role.