sata-intelligence

Cyber Watch Analyst - Developmental

Data Intelligence Technologies - Chantilly, VA

Description:

Looking for a Cyber Watch analyst to support a 12-hour Day Shift schedule on the Computer Incident Response Team (CIRT) Watch Floor:

  • Collaborate between CIRT elements as necessary during incident detection and response stages
  • Respond promptly to all request for support whether telephonic, via e-mail or instant messenger
  • Create releasable finished intelligence products and reports for the IC as well as IC Senior Leadership
  • Maintain incident case management database for all reported incidents
  • Analyze incidents and events captured in the Case Management Database for trends, patterns, or actionable information
  • Review incidents and events captured in the Case Management Database after closure for investigative sufficiency and timeliness
  • Leverage existing business processes and document new repeatable business processes and procedures where necessary
  • Research external information on events, incidents, outages, threats, and technical vulnerabilities
  • Coordinate and disseminate the best course of action for the IC enterprise during cybersecurity events, incidents, outages, threats and technical vulnerabilities with IC-IRC fusion analysis team
  • Assess incidents to identify type of attack, collect evidence, and assess impact

Required Qualifications:

  • Bachelor’s degree (or equivalent) in Cybersecurity, Information Security, IT, EE, Network Engineering, Computer Science, or related field. An additional 4 years of experience in a cyber security related area may be substituted for a degree. Experience used as college equivalency must be in addition to other experience requirements.
  • Minimum 1 year experience in three or more specific areas to include: analysis, network engineering, networking security, penetration testing, red teaming, hardware engineering, software reverse engineering, and computer exploitation.
  • Minimum 6 months experience working with a Security Incident and Event Management (SIEM) system. (e.g.: ArcSight, Splunk Enterprise Security)
  • Minimum 6 months experience working in a Security or Network Operations Center (SOC or NOC).
  • Ability to research and analyze data from a variety of sources and to present findings in clear, concise reports.
  • Proficiency in at least one of the following tools/technologies: HP Openview, FireEye, Solarwinds, ArcSight, Web Sense or comparable commercial technology
  • Proficiency in Windows and Linux environments (GUI and command line) with the ability to use and manage data from a variety of data bases, comfortably navigate between different databases
  • Working knowledge of software development and some demonstrated proficiency in scripting and/or programming languages and database development

Desired Qualifications:

  • Prior Intelligence Community experience.
  • Windows or Linux experience operating system security
  • Relevant security certification – CISSP, CCFP, CCSP, CEH, GCFA, GCIA

BS Equivalent = Minimum 4 years of experience in Cybersecurity, IS, IA, IT, EE, Network engineering, Computer Science/Engineering, Computer forensics or related technical field. Experience used as equivalency for college degree must be in addition to other experience requirements

(Req # 109.107929)



Posted On: Wednesday, September 22, 2021



Apply to this job
  • Pre - Screen Questionnaire (FSP)
  • *
  • *
  • *
  • *
  • *
  • *