Job Description

Essential Job Functions

• Use information collected from a variety of sources to monitor network activity and analyze it for evidence of anomalous behavior. 
• Identify, triage and report events that occur in order to protect data and information systems. 

• Recommend proactive security measures. 
• Notify stakeholders of suspected incidents, articulating technical information surrounding the suspected incident. 
• Implement mitigations in accordance with cyber incident response plan. 
• Conduct PCAP analysis. 
• Perform advanced manual analysis to hunt previously unidentified threats. 

• Demonstrated ability to analyze and identify network and host-based security threats. 
• Understanding of snort filters and their use in IDS alerts. 
• Understanding of network hardening methodologies. 
• Working knowledge of enterprise-level IDS/IPS and firewall topologies. 

Minimum Required Qualifications

• Due to the nature of this position and the information that employees will be required to access; U.S. Citizenship is required.
• Active Top Secret Security Clearance with Full Scope polygraph is required.  
• Four years of demonstrated experience as a Cyber Defense Analyst is required.
• One year of experience with TCP/IP is required.

• One year of experience with tcpdump or Wireshark/tshark is required. 
• Two years of experience with SIEM suites such as Splunk, Arcsight or Kibana is required. 
• DoD 8570 compliance with Cybersecurity Service Provider (CSSP) Analyst baseline certification, Information Assurance Technical (IAT) Level I or Level II certification, and Computing Environment (CE) certification. Wireless certification similar to Certified Wireless Network Administrator (CWNA) to Assessing and Auditing Wireless Networks (GAWN), Certified Wireless security Professional (CWSP), Offensive Security Wireless Fidelity (OSWP), Cisco Certified Network Associate (CCNA-Wireless), Or Cisco Certified Network Professional (CCNP-Wireless) is required.
• Multiple shifts available.