Job Description

Reference # : 18-00671
Title : Cyber Analyst - Shift
Location : Ogden, UT
Position Type : Contract
Experience Level :
Start Date / End Date : 04/09/2018 / 03/13/2019
Description
Must be a US Citizen who currently possesses a Top Secret clearance w/ SCI Eligibility

The client is seeking a senior Cyber Client Analyst supporting the DISA GSM-O program at the Ogden, UT location. The qualified candidate will be a member of the Network Assurance Team supporting the DISA Global Field Command. The analyst will perform cyber threat and vulnerability intelligence analysis, correlate actionable security events, and perform network traffic analysis using various log and data sources, including raw packet data, netflow, IDS, IPS, and custom sensor output, as it pertains to the cyber security of communication networks. The Analyst will also participate in the coordination of resources during incident response events and utilize their knowledge to inform effective, durable countermeasures.
Responsibilities
  • Perform analysis on relevant network defense data from various sources to establish the timeline of events associated with both attempted and successful network intrusions.
  • Maintain a high level of situational awareness, and leverage existing understanding of threats to prioritize analysis
  • Inform countermeasures through identification of new tactics, techniques, and procedures used by threat actors
  • Mentor junior analysts
  • Support the development of analytical procedures and advanced detection and correlation content to meet changing requirements, and continue evolution towards a threat-focused Defensive Cyber Operations (DCO) strategy
  • Support the refinement of SIEM reports to track trends and demonstrate countermeasure effectiveness

Basic Qualifications
  • Top Secret clearance w/ SCI Eligibility
  • 8570 IAT Level 2 certification (Security+, CCNA-Security, or equivalent) w/ the ability to obtain CND-A certification w/in 180 days of start date
  • CND experience (Protect, Detect, Respond, and Sustain) within a Computer Incident Response organization
  • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC) and other attack artifacts in support of incident investigations
  • Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
  • Willing to perform shift work
  • Motivated self-starter with strong written and verbal communication skills and the ability to create complex technical reports on analytic findings
Desired Qualifications
  • Experience w/ DoD Networks
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform
  • Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, FPC, Host-Based Forensics, Network Forensics
  • Unix/Linux command line experience
  • Scripting and programming experience
  • Familiarity or experience in Intelligence Driven Defense and/or the Cyber Kill Chain methodology
  • Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification.
Hours
  • Shift work
