Cyber Watch Analyst - Full Performance

Data Intelligence Technologies

Chantilly, VA
Full Time
Paid
  • Responsibilities

    Description:

    Looking for a Cyber Watch analyst to support a 12-hour Day Shift schedule on the Computer Incident Response Team (CIRT) Watch Floor:

    • Collaborate between CIRT elements as necessary during incident detection and response stages
    • Respond promptly to all requests for support, whether by telephone, e-mail or instant messenger
    • Create releasable finished intelligence products and reports for the IC as well as IC Senior Leadership
    • Maintain incident case management database for all reported incidents
    • Analyze incidents and events captured in the Case Management Database for trends, patterns, or actionable information
    • Review incidents and events captured in the Case Management Database after closure for investigative sufficiency and timeliness
    • Leverage existing business processes and document new repeatable business processes and procedures where necessary
    • Research external information on events, incidents, outages, threats, and technical vulnerabilities
    • Coordinate with the IC-IRC fusion analysis team and disseminate the best course of action for the IC enterprise during cybersecurity events, incidents, outages, threats and technical vulnerabilities
    • Assess incidents to identify type of attack, collect evidence, and assess impact

    Required Qualifications:

    • Bachelor’s degree (or equivalent) in Cybersecurity, Information Security, IT, EE, Network Engineering, Computer Science, or related field. An additional 4 years of experience in a cyber security related area may be substituted for a degree. Experience used as college equivalency must be in addition to other experience requirements.
    • Minimum 1 year experience in three or more specific areas to include: analysis, network engineering, networking security, penetration testing, red teaming, hardware engineering, software reverse engineering, and computer exploitation.
    • Minimum 6 months experience working with a Security Incident and Event Management (SIEM) system (e.g., ArcSight, Splunk Enterprise Security).
    • Minimum 6 months experience working in a Security or Network Operations Center (SOC or NOC).
    • Ability to research and analyze data from a variety of sources and to present findings in clear, concise reports.
    • Proficiency in at least one of the following tools/technologies: HP Openview, FireEye, Solarwinds, ArcSight, Web Sense or comparable commercial technology
    • Proficiency in Windows and Linux environments (GUI and command line), with the ability to use and manage data from a variety of databases and to navigate comfortably between them
    • Working knowledge of software development and some demonstrated proficiency in scripting and/or programming languages and database development

    Desired Qualifications:

    • Prior Intelligence Community experience.
    • Windows or Linux operating system security experience
    • Relevant security certification – CISSP, CCFP, CCSP, CEH, GCFA, GCIA

    BS Equivalent = Minimum 4 years of experience in Cybersecurity, IS, IA, IT, EE, Network engineering, Computer Science/Engineering, Computer forensics or related technical field. Experience used as equivalency for college degree must be in addition to other experience requirements

    (Req # 109.107929)