Cybersecurity Analyst

About The Position

Requirements

• Minimum active DoD Secret clearance with the ability to obtain TS/SCI.
• Current DoD 8570 IAT Level II certification (or higher), such as CompTIA Security+ CE, ISC2 SSCP, or SANS GSEC (or equivalent).
• Ability to obtain DoD 8570 CSSP-A Level Certification (e.g., CEH, CySA+, GCIA, or equivalent) within 180 days of hire.
• Strong foundation in networking, including packet analysis, common ports and protocols, and traffic flow. Knowledge of the OSI model, defense-in-depth security principles, and common security elements for effective threat detection, analysis, and mitigation as a SOC Security Analyst.
• Level I: Bachelor's degree and 1+ years of relevant experience; equivalent work experience and/or military service may be considered in lieu of a degree.
• Level II: Bachelor's degree and 3+ years of relevant experience; equivalent work experience and/or military service may be considered in lieu of a degree.
• Proven ability to work effectively both independently and as a collaborative team member, demonstrating initiative and a strong work ethic in both settings.
• Committed to continuous learning and self-improvement in the cybersecurity domain, as evidenced by ongoing pursuit of certifications, active participation in industry forums, and dedication to staying ahead of emerging threats and technologies.
• Excellent problem-solving skills, including the ability to collaborate effectively with cross-functional teams to address complex security challenges in real-world scenarios. This includes the ability to communicate technical information clearly and concisely, build consensus, and drive solutions to completion.
• Reliable and flexible, with a demonstrated willingness to work assigned shifts to support operational requirements and team objectives.
• Located within a commutable distance (within 2 hours) or able to self-relocate to Scott AFB, IL; or Columbus, OH.

Nice To Haves

• Hands-on experience analyzing large volumes of logs, network data (e.g., Netflow, Full Packet Capture), and other attack artifacts during incident investigations.
• In-depth experience using a SIEM/SOAR platform to analyze multiple log types and events across various data points, applying techniques such as behavioral analysis, statistical analysis, and machine learning to detect and respond to advanced threats.
• Comprehensive understanding of the network threat lifecycle, attack vectors, and methods of exploitation, including intrusion set tactics, techniques, and procedures (TTPs).
• Experience with Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, and Network Forensics tools.
• Experience or knowledge in monitoring, defending, or administering cloud networks (e.g., AWS, Azure, GCP), including cloud-native security tools and strategies for protecting data in cloud environments. Experience identifying and mitigating cloud-specific attacks.
• Experience managing, defending, administering, or deploying mobile devices (iOS, Android) for enterprise, including mobile device management (MDM), mobile application management (MAM), and mobile threat defense (MTD). A strong understanding of mobile security best practices and mobile threat landscape is highly desired.
• Scripting and programming skills.

Responsibilities

• performing real-time cyber threat intelligence analysis
• correlating actionable security events
• performing network traffic analysis using raw packet data
• participating in the coordination of resources during the incident response process

Benefits

• medical coverage with two plan options (HDHP or PPO)
• dental and vision coverage
• personal time off
• paid holidays
• parental leave program
• telecommuting if available
• retirement savings accounts (Pre Tax and Roth)
• flexible and dependent care savings accounts
• life insurance
• long and short-term disability coverage
• tuition and training reimbursement
• employee assistance program