About the job
Correlates threat data from various sources to establish the identity and modus operandi of hackers active in the client’s networks and posing a potential threat. Provides the customer with assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries. Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis. May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, trends in computer network vulnerabilities, data hiding, network security, and encryption.
- Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client.
- Provides timely and actionable sanitized intelligence to cyber incident response professionals.
- Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client’s security posture.
- Conducts intelligence analysis to assess intrusion signatures, tactics, techniques, and procedures associated with the preparation for and execution of cyber attacks.
- Researches hacker techniques and network/systems vulnerabilities, and provides detailed briefings and intelligence reports to leadership.
- Bachelor’s with 2 to 5 years (or commensurate experience)
- Top Secret/SCI Security Clearance
- CompTIA Cybersecurity Analyst+ (CySA+) (must provide a copy of the certification for submittal)
- DISA HBSS 201 & 301 completed
- CompTIA Security+ (must provide a copy of the certification for submittal)
- Completed Splunk Fundamentals 1 & 2
- Possess a valid and current civilian U.S. Passport and Driver’s License. Military passports are not acceptable.
- Medically/Physically fit for deployment with U.S. Military Forces Outside the Continental United States (OCONUS) under the provisions of USCENTCOM Medical Standards.
Required Skills And Experience
- Tenable Nessus, Security Center (ACAS) Operations, Maintenance of backend servers
- Demonstrated ability in performing Information Systems Security Officer roles and responsibilities
- Demonstrated ability in performing Information Systems Security Manager roles and responsibilities
- Knowledge and understanding of the DoD Cybersecurity policies and the Risk Management Framework
- Knowledge and understanding of working with system engineers and administrators in implementing STIGs on devices
- Knowledge and understanding of Cylance Operations and Maintenance
- Knowledge and understanding of Forescout Operations and Maintenance
- Building, maintaining, interpreting, and analyzing Splunk Dashboards
- Lead Collection of RMF ATO Artifacts
- Lead Collection/Validation of 8140 compliance
Preferred Skills And Experience
- Cisco Certified Network Associate (CCNA) (must provide a copy of the certification for submittal)
- Experience supporting Special Operations
- Experience and demonstrated ability to communicate with Director level stakeholders
- Experience and demonstrated ability to present solutions to Network and Systems Engineers