Cybersecurity Analyst
SAIC · San Antonio, TX · 2 days ago
Information TechnologyFull-time
About the role
This position reports to the Security Director and acts as an analyst and tool admin for Armis. It is an on-site role supporting a state government agency.
Responsibilities
- Supports dedicated work functions for state government agency.
- Own and manage baseline configurations, policies, and implementation of front-end operations for Armis.
- Work with Armis as a vendor for architecture and engineering implementation concerns.
- Perform network security, cybersecurity defense & analysis, incident response, threat analysis, exploitation analysis, vulnerability analysis, and incident investigations.
- Utilize COTS/GOTS applications, ticketing systems, lab systems, forensic applications, and/or custom tools, techniques, and procedures (TTPs) to monitor systems for abnormal events and determine if events are to be deemed an incident.
- Determine if incidents are due to malicious or suspicious actions by one or more threat actors.
- Utilize threat intelligence to determine if the incident is part of a named campaign to determine appropriate levels of response, or provide new intelligence based on investigative actions to threat intelligence teams, organizations, and/or external parties.
- Obtain information and evidence for legal proceedings or to provide to government counterparts for possible military, law enforcement, and/or counter-intelligence response actions/activities, Human Resources investigations, and/or management action.
- Coordinate with contracted vendors for incident control.
- Research, evaluate, and recommend new security tools, techniques, and technologies.
- Support cyber metrics development, maintenance, and reporting for managed tools.
- Provide briefings to senior staff and/or state government agencies executive staff.
Requirements
- BS Degree and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience.
- Complete understanding and wide application of technical principles, theories, and concepts in the cybersecurity field.
- Ability to receive assignments in the form of objectives and establish goals to meet outlined objectives.
- General knowledge of related IT disciplines.
- Candidates must be a US Citizen and be able to pass a CJIS Criminal Justice background investigation and maintain CJIS clearance throughout employment term.
Qualifications
- Security+ or higher certifications.
- Armis 201 or higher class certifications.
Skills
- ITIL v4 certification preferred (Foundation or above).
- CEH, GCIH, BTL2, CASP, or GSP certifications.