Cyber Security Analyst (Government)

The Cybersecurity Analyst is a member of the Defensive Cyber Operations team (on the DISA GSM-O program). This team supports network assurance activities within DISA.

Candidate will perform the following duties:

* Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks

* Supports cyber security initiatives through both predictive and reactive analysis

* Articulates emerging trends to leadership and staff

* Coordinates resources during incident response efforts, driving incidents to timely and complete resolution

* Performs network traffic analysis using raw packet data, net flow, IDS data, and custom sensor output

* Reviews threat data and develops custom signatures

* Correlates actionable security events and develops unique correlation techniques

* Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in Zero-Day detection

* Uses attack signatures and TTPs associated with Advanced Persistent Threats to identify new threats and attacks

* Conducts basic malware analysis of attacker tools, identifying indicators of compromise, and reverse engineer attacker

encoding protocols

* Interfaces with external entities, including law enforcement and intelligence community organizations

* Provides analysis of incidents for customers by:

* determining the incident's nature and formulating responses

* identifying and providing the ability to surge during emergencies

* correlating event and incident data

* determining possible effects on the DODIN, customer networks, and other organizations

* Ability to work independently and within a team as required

* Monitors Computer Network Defense (CND) security-relevant network components

* Performs infrastructure monitoring, performance assessment, new requirement analysis and support

Additional Duties:

* Prepare and disseminate CND reports, trends, responses, mitigations, analysis, and information

* Provide support to leadership for CND applicable activities within Protect, Detect, Respond, and Sustain

* Support a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs)

* Support the development, documentation, and tracking of metrics relevant to the ALPs

* Interface with government counterparts and leadership

Additional Information:

Required Experience, Education, and Certifications:

* Master's degree from an accredited college in a related discipline, with three (3) years of professional experience; or

Bachelor's degree from an accredited college in a related discipline, with five (5) years of professional experience; or ten

(10) years professional experience in Information Security, with at least four (4) years specializing in security, vulnerability

mitigation techniques, and exploitation methods within enterprise networks

* DoD 8570 Compliant for IAT Level II: Possess a CASP, CCNA-Security, CISSP, CSA+, GICSP, GSEC, Security+ CE, or

SSCP certification

* DoD 8570 Compliant for CSSP Analyst within 180 days of employment: Possess a CEH, CFR, CSA+, GCIA, GCIH,

GISCP, or SCYBER certification

* In-depth understanding of TCP/IP protocols, ports, and services

* Strong communication skills, both written and verbal

Desired Experience, Education, and Certifications:

* CND experience

* Department of Defense experience

* *NIX familiarity

* Command Line Scripting skills (PERL, Python, PowerShell scripting) to automate analysis task

* Knowledge of hacker TTPs

* Be able to conduct basic malware analysis

* Demonstrated hands on experience with various static and dynamic malware analysis tools

* Knowledge of advanced threat actor TTPs

* Understanding of software exploits

* Ability to analyze packed and obfuscated code

* Comprehensive understanding of common Windows APIs and ability to analyze shellcode

Required Clearance: Active TS/SCI

AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V

Job ID 1819107 Date posted 04/24/2018