Cyber Analyst II
DESCRIPTION OF POSITION:
- Utilize monitoring tools, such as Security Information and Event Managers, Intrusion Detection Systems, and Web Content Filtering appliances to dynamically search for potential threat actors, assess risk, and address findings. Based on findings, craft repeatable processes into automated systems.
- Collaborate with architects, engineers, and administrators, while translating technical information to non-technical audiences, in order to devise an effective response strategy.
- Leverage an understanding of vulnerabilities, exploits, and adversary tactics to scope incidents and reduce their impact. Utilize current incident response methodologies to investigate breaches, identify threat actors, gather intelligence, and report findings to decision makers in a timely fashion.
- Work with a variety of Agency organizations to support policy driven investigative requests, using enterprise computer forensic tools and methods.
- Assist with the administration of logging and monitoring solutions, as needed, to enhance the existing security posture.
- Perform scheduled care and feeding while maintaining compliance standards. Regularly reassess capabilities for potential improvements.
- Create or maintain process and change management documentation.
- Ingest threat intelligence and automate correlation between external threats and current asset elements.
- Help organizations adopt processes in line with security standards and that support the Agency's incident response policy. Recommend strategies to non-technical audiences that prepare their organizations for potential incursions.
- Collect data and contribute to user awareness for IT security training.
- Must be able to work within a team that provides 24x7x365 support coverage to include each team member participating in a one week per month on-call status rotation.
- Bachelor’s Degree in a relevant area of study (suggested areas of study include Computer Science, Information Technology, and Software Engineering)
- Minimum of 2-5 years’ experience in work directly related to the listed skills and to information technology, cybersecurity, and security control evaluation and implementation on information technology systems and programs, or transferable skills related to information security, incident and risk management.
- Demonstrated experience working within a Security Operations Center (SOC) or a Computer Incident Response Team (CIRT).
- Relevant certifications, including government directed certifications, may be required. Qualified candidate would possess at least one of the following certifications and a combination would be highly desirable: MCSE, CCNA, CCNP, ISC, CAP, CISSP, CISM, ISC, ISSMP, GCIH, GCFA, GREM, GNFA
- Strong written and verbal communication skills.
- Strong familiarity with networking, operating systems, databases, and web applications.
- Knowledge of information security hardening guidelines such as CIS or DoD guidelines.
- This position requires that the candidate be able to obtain a Secret level security clearance.
YEARS OF EXPERIENCE:
- Minimum 2 - 5 years' experience
SECURITY CLEARANCE LEVEL: