Cyber Security Operations Analyst with Security Clearance
BOAB Ventures · Fort Belvoir, VA · 3 wk ago
Information TechnologyFull-time
Responsibilities
- Collect and analyze network and/or host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and/or mitigation of cyber threats within the Enterprise Network through the investigation process.
- Perform initial cyber incident triage; to include determining initial scope, urgency, and potential impact; identifying the specific vulnerability; escalating incidents to Tier II analysts.
- Must be familiar with the DoDI 8530.01 (Cybersecurity Activities Support to DoD Information Network Operations).
- Manage and document cyber defense incidents from initial detection through escalation.
- In support of the DTRA J6C Cybersecurity Department, the Cyber Security Analyst will provide the required resources and expertise to support 24x7x365 cybersecurity monitoring and response across DTRA’s distributed network operations environment.
- Working with the DTRA J6C, contractor CSSP analysts and engineers shall collaborate with various teams throughout the agency to process intelligence, determine threat, develop mitigations, monitor for attacks, and assess risk while providing cyber based Situational Awareness to agency leadership and stakeholders.
- The Cyber Security Specialist will monitor computer network defense services in a manner that effectively safeguards the confidentiality, integrity, and availability of DTRA-supported network environments and Information Technology infrastructure.
- The Cyber Security Specialist will provide the required resources and expertise to ensure compliance with DoD CSSP Evaluators Securing Metrics (ESM).
- The Cyber Security Specialist will provide support within the existing CSSP structure which includes four simultaneously running processes tooled to assist and defend the system subscriber.
- The Cybersecurity Analyst is responsible for network threat monitoring across a variety of tools.
- The analyst must also be proficient in conducting research on threats and adversaries across various open source and government database platforms.
- The ability to work effectively within a team is essential, as the analyst will be required to share and discuss information discovered during the research and monitoring process.
Requirements
- Must have Active DoD Top Secret clearance
- IAT Level II certification and CSSP Analyst certification (Security+ CE or better, CEH or better)
- Computing Environment certification desired (Windows Server 2022, Red Hat security, Splunk Power User etc.)
- Experience with open-source research, analyzing network traffic, analyzing windows logs, experience with network and host-based security systems, experience with SIEMs, basic knowledge of network topography, intermediate understanding of network protocols, and through understanding of the OSI model.
- Experience with Splunk and Trellix ESS (McAfee HBSS)
- Minimum 1 year of cyber security analyst experience or 3 years of IT experience
Qualifications
- Experience with PowerShell and Bash use
- 1 year experience working at a CSSP
- Familiarity with CJCSM 6510.01B