We are seeking a Cyber Detection Analyst that specializes in Incident Response. The Cyber Detection Analyst will hone your cyber skills with the latest technologies to take your career to a whole new level. You will help protect our national security while working on innovative projects that offer opportunities for advancement.
The Cyber Detection Analyst on this agency-level Cyber Security support contract performs the following duties:
- Identify misuse, malware, or unauthorized activity on monitored networks
- Analyze all relevant cyber security event data and other data sources for attack indicators and potential security breaches
- Assist in coordination during incidents
- Identify intrusions utilizing various detection and prevention systems and other security event data sources on 24x7x365 basis
- Analyze intrusion-related data to determine root cause and identify follow on activity while coordinating with Incident Handlers, Hunters, and various partners
- Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs, to include netflow, metadata, and pcap analysis
- Contributes to tuning and filtering of events and information, creating custom views and content using all available tools
- Review assembled data with firewall administrators, engineering, system administrators and other appropriate groups to determine the risk of a given event
- Contribute to the development of playbooks and procedures for handling each security event detected
Required Security Clearance: TS/SCI with FSP
Familiarity with the following classes of enterprise cyber defense technologies:
- Security Information and Event Management (SIEM) systems.
- Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
- Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
- Network and Host malware detection and prevention.
- Network and Host forensic applications.
- Web/Email gateway security technologies.
- Log aggregation tools.
- Strong analytical and problem-solving skills.
- Excellent interpersonal, organizational, writing, communications, and briefing skills.
Required Education and Experience:
- Bachelor of Science
- Minimum of three years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management.
- DOD 8570 IAT Level I or CSSP-A
Employment Type: Full Time / Permanent
This McLean, VA based position will be fixed shift, 4 days per week (10-hour shifts).
Maybe required to COVID vaccine or negative testing requirement.
Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.
Successful Completion of a Background Screening/Check/Investigation will/may be required as a condition of hire.