Jobs · Information Technology · Missouri

Real Time Cyber Analyst

Newberry Group · St Charles, MO · 3 wk ago
On-siteInformation Technology$95k–$125k/yrFull-time

Responsibilities

  • Review DoD and open source intelligence for threats.
  • Identify Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs.
  • Triage alerts to identify malicious actors on customer networks.
  • Assist T1 analysts with triage and analysis.
  • Complete moderate-level cyber analysis of potential events.
  • Report incidents to customers and USCYBERCOM.
  • Qualifications and Skills Required

    • Bachelor's degree and 3+ years of prior relevant cybersecurity experience; additional work experience or Cyber courses/certifications may be substituted in lieu of a degree.
    • Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
    • Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
    • DoD 8570 IAT level II or higher certification, such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.
    • DoD 8570 CSSP-A level Certification, such as CEH, CySA+, GCIA, or other certification, is required within 180 days of hire.
    • Demonstrated commitment to training, self-study, and maintaining proficiency in the technical cybersecurity domain, and an ability to think and work independently.
    • Strong analytical, troubleshooting, and critical thinking skills.
    • Willing to perform non-rotating shift work.
    • Must be a U.S. citizen.

    Preferred Qualifications and Skills

    • CND experience (Protect, Detect, Respond, and Sustain) within a Computer Incident Response organization.
    • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
    • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
    • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, Full Packet Capture), and other attack artifacts in support of incident investigations.
    • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic).
    • Experience and proficiency with any of the following: Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.
    • Experience with malware analysis concepts and methods.
    • Unix/Linux command line experience.
    • Scripting and programming experience.
    • Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chain methodology.
    • Existing 8570 CSSP Analyst Certifications (CEH), CySA+ etc, or the ability to obtain within the customer's timeframe.

    Benefits and Perks

    • Medical coverage with two plan options (HDHP or PPO).
    • Dental and vision coverage.
    • Personal time off, paid holidays, parental leave program.
    • Telecommuting if available.
    • Roth and Pre Tax retirement savings accounts.
    • Flexible and dependent care savings accounts.
    • Life insurance, long and short-term disability coverage.
    • Tuition and training reimbursement.
    • Employee assistance program.

Similar jobs