Cyber Security Operations Analyst Lead

SPAHR SOLUTIONS GROUP LLC
Onsite

About The Position

The Cyber Security Specialist will support the DTRA IT Cybersecurity department by providing 24/7 monitoring and response across its network environment. Collaborating with Cybersecurity Service Provider (CSSP) analysts and agency teams, the specialist will analyze threats, develop mitigations, and provide situational awareness to leadership. Responsibilities include ensuring compliance with DoD cybersecurity metrics, monitoring network defense services, conducting threat hunts using standard tools, and documenting findings through detailed technical reports. Strong research skills and the ability to work collaboratively are essential for success in this role.

Requirements

  • BS 5-7 Years, MS 3-5, PhD 0-2
  • Experience with cyber security architecture principles that achieve cybersecurity framework goals.
  • Active DoD Top Secret clearance
  • IAT Level II certification
  • CSSP Analyst certification (Security+ CE or better, CEH or better)
  • Experience with open-source research

Nice To Haves

  • SANS GCIH or similar certification
  • Splunk Search App experience
  • Tanium Interact Module experience
  • Wireshark experience
  • Open-source research experience

Responsibilities

  • Provide 24x7x365 cybersecurity monitoring and response across DTRA’s distributed network operations environment.
  • Collaborate with Cybersecurity Service Provider (CSSP) analysts and engineers to process intelligence, determine threats, develop mitigations, monitor for attacks, and assess risk.
  • Provide cyber-based Situational Awareness to agency leadership and stakeholders.
  • Monitor computer network defense services to safeguard the confidentiality, integrity, and availability of DTRA-supported network environments and IT infrastructure.
  • Ensure compliance with DoD CSSP Evaluators Securing Metrics (ESM).
  • Provide support within the existing CSSP structure, which includes four simultaneously running processes to assist and defend the system subscriber.
  • Perform network threat monitoring across a variety of tools.
  • Use standard threat hunting tools to craft targeted queries to detect and monitor intrusions into the network environment.
  • Write and submit detailed technical reports on how threats were identified, confirmed, and contained, and on any other follow-on actions.
  • Conduct research on threats and adversaries across various open-source and government database platforms.
  • Share and discuss information discovered during the research and monitoring process.