Job Description
Cyber Security Analyst
This is an excellent opportunity to analyze alerts, security events, and logs for threats such as computer viruses, exploits, and malicious attacks. The Cyber Security Analyst will use critical thinking to bring together information from multiple sources to determine if a threat is present. The ideal candidate will be able to effectively notate work completed during an investigation.
The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations, and must be able to exchange accurate information in these situations. To be successful in this role you should be familiar with common Intrusion Detection Systems, virus and malware behavior, and intrusion response methodologies. This position requires a minimum of 5 years of applicable experience.
Duties, Tasks, And Responsibilities
- Responsible for providing Risk Management Framework (RMF) support to Information System Security Officer or Manager (ISSO/ISSM) for implementation and continuous monitoring.
- Responsible for providing Security Assessments for Enlightened customers using standards such as NIST 800-53 for implementation and continuous monitoring.
- Provide support and guidance on the deployment, use, and administration of cybersecurity operations tools.
- Ensure that the controls within the security controls baseline are in place and functioning as intended to protect data.
- Coordinate the identification and remediation of cybersecurity control weaknesses with financial audit impacts.
- Track incoming alerts from multiple clients and sources effectively.
- Monitor and support security operations for malicious activity.
- Perform CERT/SOC operations to include incident monitoring, response, and reporting.
- Responsible for determining appropriate response action(s) to an incident, following the agency standard techniques, tactics, and procedures.
- Responsible for the analysis and reporting of cyber threats, as well as assisting in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions.
- Supports cyber and network incident and warning activity.
- Performs security event and incident correlation using information gathered from a variety of sources within the enterprise.
- Performs cyber incident triage, including determining scope, urgency, and potential impact; identifies the specific vulnerability and makes recommendations that enable expeditious remediation.
- Tracks cyber actions from initial detection through final resolution.
- Analyzes and assesses damage to the data and infrastructure.
- Performs cyber engineering trend analysis and reporting.
Technical Qualifications
- Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
- Experience in computer evidence seizure, computer forensic analysis, and data recovery, and/or computer network forensics
- Experience in computer intrusion analysis, incident response, and intrusion detection
- Applicants must be able to work in a team environment
- Ability to handle stress and work well under pressure
- Experience with leading SIEM technologies
Education/Certifications
- B.S./B.A. in Engineering, Science, or Mathematics is preferred. However, work experience may be used in lieu of education/degree.
- 6+ years of hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following: Computer network surveillance/monitoring
- Experience working within a Cybersecurity Operations Center environment
- Experience with COTS technologies used in a Cybersecurity Engineering environment
- CNDSP-A (GCIA, GCIH, or CEH) or CNDSP-IR (GCIH, CSIH, or CEH) certification preferred
- IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification preferred