Cyber Defense Analyst (Level 3 / 3rd Shift)

About The Position

Requirements

• Active Secret level security clearance with investigation or CV date within 5 years with ability to obtain Top Secret clearance and pass a Counterintelligence Polygraph.
• Ability to successfully complete additional enhanced security review in accordance with Government contract requirements.
• Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education, with 3+ years of professional experience; or no years of professional experience with a related master's degree.
• Experience with standard security and network environment tools and applications (Splunk, Trellix ePO, ACAS/Tenable.sc, Tanium, Microsoft Sentinel).
• Understanding of threat models, attacker tactics, techniques, and procedures, operating system security requirements, information system auditing, and conducting cyber focused investigations.

Nice To Haves

• Minimum of current Top Secret security clearance with ability to obtain a Counterintelligence Polygraph.
• Knowledge of other security disciplines and how they impact and interact with information system security.
• Experience with Splunk and the ability to write queries, create dashboards.
• Experience with QMulos Products.
• Experience with using and building Tanium products.
• Understanding of basic usage of languages such as Python, PowerShell, and Bash for automation and data analysis.
• Experience with network design processes, including understanding of security objectives, operational objectives, and risk mitigation strategy for the information system.
• Recognized cloud proficiency and experience with Cloud Security (CCSP, AWS, CSA, CompTIA Cloud+, CCSK, or others).
• Experience working in an Information System Security Operations Center conducting incident response and recovery.
• Understanding of malware functionality, static and dynamic analysis, and ability to identify IOCs, attributes and understanding of signatures.

Responsibilities

• Serve as the initial point of contact for security operations floor activities
• Develop, maintain, tune, and monitor cybersecurity content to enhance detection and prevention capabilities
• Investigate computer and information security incidents to determine the extent of compromise to information and automated information systems
• Provide network forensic and intrusion detection support for high-technology investigations
• Document cyber incident analysis thoroughly at an operational level
• Support the detection, response, mitigation, and reporting of cyber incidents
• Maintain consistent and effective communication across the team
• Stay updated on tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption

Benefits

• Flexible work schedules including condensed schedules.
• Paid Time off benefits.
• Relocation assistance possible.