We are seeking a Cyber Security Watch candidate for a full-time opening in Washington, DC. All applicants must be U.S. citizens with an active Top Secret clearance and the ability to obtain a Q/SCI.
- Serve as the Cybersecurity Watch Analyst responsible for analyzing information collected from a variety of sources to identify, analyze, and report on events to protect information systems and networks from threats.
- Perform technical security activities to include:
  - Characterize and analyze security events to identify anomalous activity and potential threats to systems
  - Analyze identified malicious activity to determine exploitation methods and impacts
  - Triage intrusions, malware, and other cybersecurity threats
  - Document, track, and escalate cybersecurity incidents
- Comment on new ODNI/NIST standards and regulations as they apply to the client environment.
- Employ best practices when implementing security requirements within an information system.
- Participate in IC Community Shared Resources Working Group.
- May serve as a technical team or task leader.
- Maintain current knowledge of relevant technology as assigned.
- Respond to cyber incidents as defined in DOE-IN Incident Response and local SOP.
- Participate in special projects as required.
- Cyber security experience with a Bachelor’s Degree in a technical field.
- Desired Candidates have CISSP or other security certification.
- Knowledge of common adversary tactics, techniques, and procedures.
- Experience working in a SIEM, interpreting IDS alerts, and deriving context from event logs
- Candidates must have the following experience and knowledge:
- Knowledge of the IC and audit collection policies.
- Possess effective interpersonal and presentation skills as he/she operates in a client-facing role.
- Possess the ability to communicate in written and oral form. Publication or presentation experience is a plus.
- Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures.
- Candidate will be a proactive self-starter.
- Candidate will require little to no immediate supervision or day-to-day tasking.
- Candidate will possess excellent decision-making skills.
- Candidate will demonstrate flexibility and possess the willingness to support shift work if needed.
- Candidate will possess excellent ability to collaborate as a team and possess excellent interpersonal skills.
- Candidate will possess excellent oral and written communication skills and be able to interact with senior levels of management.
- Possesses experience supporting the Intelligence Community (IC)
- Experience analyzing host based security events and indicators
- Experience analyzing network based security events and indicators
- Experience working in a SOC and supporting incident response
- Experience with supporting the Joint Worldwide Intelligence System (JWICS).
- Knowledge of cloud architecture.
- Knowledge of virtualization capabilities
Must possess an active TS clearance (SCI preferred) and ability to obtain a Q/SCI clearance.