OverviewThe Security Analyst supports the United States (U.S.) Army C5ISR Center to develop advances within cyber defense research; advanced detection methods; sensor structure, data optimization, and sensor architectures; intrusion detection innovations, evaluation methods, attack behaviors, insider threat, and adversarial threat predictions.
Responsibilities
- Analyze the results of signature detection, anomaly detection, and data visualization-based methods of discovering, documenting, and reporting malicious and anomalous activity as defined by DoW standards/criteria.
- Analyze the output of vulnerability scanners, security and compliance metadata, and other Government Furnished Data (GFD) to reduce the attack surface of the DoWIN.
- Develop, implement, and maintain methods of detecting malicious and anomalous activity as defined by DoW standards/criteria by utilizing a combination of COTS, GOTS, and open source tools.
- Document methods and include example data in the documentation, if example data is available.
- Review information, documentation, and reporting of incidents and events from other CSSP teams, as well as third parties, and automate the detection of these events and incidents.
- Maintain, edit, and customize these methods, specifically adding to, refining, or reducing individual methods based on measured success and failure rates.
- Utilize a combination of COTS, GOTS, and open-source tools to analyze supported environments using structured and mathematical analysis methods to discover and document efforts to map DoWIN infrastructure or to probe DoWIN infrastructure for vulnerabilities.
- Utilize a combination of COTS, GOTS, and open-source tools to analyze GFD using structured and mathematical analysis methods to discover and document efforts to exploit vulnerabilities in DoWIN infrastructure, as well as efforts to deceive DoWIN users into taking actions that would expose DoWIN information or increase the vulnerability of DoWIN-connected assets.
Qualifications
Required:
- Bachelor’s Degree in Computer Science or IT related degree
- Certified Ethical Hacker – Certification; Journeyman 1+ years; Master 3+ years
- (ISC)2 (TM) CISSP (R) – Certification; Journeyman 1+ years; Master 3+ years
- Cisco CCNA Security – Certification; Journeyman 1+ years; Master 3+ years
- Full CE certification required: Tenable® Certified Security Engineer. Three (3) years’ experience with Tenable® Security Center and Nessus. One (1) year Nessus Attack Scripting Language experience.
- One (1) year operations center/call center, or technical helpdesk experience.
- SME on policy Development, implementation, and reporting of vulnerability scanning, global implementation capabilities.
- The most current DISA ACAS Version in use training certificate
- Three (3) years’ experience with McAfee HBSS.
- One (1) year of McAfee custom queries and host intrusion prevention signature experience. One (1) year operations center/call center or technical helpdesk experience.
- TS/SCI Clearance