CSSP Analyst, Journeyman P46- P55
FEDITC · Indianapolis, IN · 5 mo ago
Business DevelopmentFull-time
Responsibilities
- Provide 24/7 security monitoring and analysis for DFAS CCE (ON-SITE REQUIRED)
- Monitor security events using Azure Sentinel, ArcSight, and other SIEM tools
- Perform initial triage and classification of security incidents
- Analyze phishing and spam emails, reviewing headers, attachments, and URLs for malicious indicators
- Validate and classify incidents, determining true positives and escalating when required
- Draft incident summaries and analyst reports for leadership and case records
- Keep investigation notes and case records updated
- Support protocol monitoring achieving 100% documentation per DFAS CSIRP
- Participate in threat hunting activities under senior guidance
- Operate CSSP toolsets for unclassified and classified enclaves
Qualifications
- 5+ years cybersecurity/SOC analyst experience
- Security+ certification
- DoD 8140 Cyber Defensive Analyst (Intermediate) Playlist qualification
- Experience with SIEM tools (Azure Sentinel, ArcSight, Splunk)
- Knowledge of phishing analysis and email security
- Incident triage and classification experience
- Understanding of network security monitoring
- Familiarity with DFAS CSIRP or similar incident response procedures
- Experience with ticketing systems for incident tracking
Preferred Qualifications
- CySA+ certification (upgrade path)
- Experience with DFAS CSSP operations
- Prior 24/7 SOC shift experience
- Azure Sentinel KQL query experience
- Threat hunting experience
- Digital forensics fundamentals
- Experience with classified network monitoring
Education
- Bachelor’s degree in Computer Science, Engineering, Information Technology, or a related field
Certifications
- Cyber Defensive Analyst (Intermediate) Playlist
- CompTIA Security+