Cyber Responder Analyst - Weekend Shift

Washington, DC
Cybersecurity Responder Analyst
 
We are seeking a Cybersecurity Responder/Analyst candidate for a full-time opening in Washington, DC. All applicants must be U.S. citizens with an active Top Secret clearance and the ability to obtain a Q/SCI.

PRIMARY RESPONSIBILITIES:
  • Serve as the Cybersecurity Responder/Analyst responsible for analyzing information collected from a variety of sources to identify, analyze, respond to, contain, and report on events to protect information systems and networks from threats.
  • Perform technical security activities to include:
    • Characterize and analyze security events to identify anomalous and potential threats to systems
    • Analyze identified malicious activity to determine exploitation methods and impacts
    • Triage, contain, and remediate intrusions, malware, and other cybersecurity threats
    • Document, track and escalate cybersecurity incidents
  • Employ best practices when implementing security requirements within an information system. 
  • Participate in IC Community working groups.
  • May serve as a technical team or task leader.
  • Maintain current knowledge of relevant technology and threats as assigned.
  • Respond to cyber incidents as defined in Incident Response and local SOP.
  • Participate in special projects as required.
  • Participate as a central part of a 24x7 watch center responsible for monitoring for, responding to, tracking, and relaying information from cybersecurity events and associated cyber threat intelligence.
  • Answer SOC Watch phones and monitor SOC Watch email.
  • Define, implement, and respond to cybersecurity alerts for anomalous and malicious activity
  • Implement new signatures and IOCs
  • Maintain current knowledge of common adversary tactics, techniques, and procedures.
  • Work in a SIEM, interpret IDS alerts, interpret pcap, Sysmon, and NetFlow data, and derive context from event logs and forensic artifacts.
  • Knowledge of the IC and audit collection policies.
  • Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures.
  • Coordinate incident and cyber threat intelligence data with other cybersecurity operations and intelligence centers
 
The Cybersecurity Responder/Analyst duties also include the following, and ideal applicants will be experienced in at least one of the following areas:
  • Digital Forensics for Incident Response
  • Malware Analysis
  • Reverse Engineering
  • Penetration testing
  • Data Analytics/Machine Learning
  • Coding in PowerShell, Python, or equivalent
 
GENERAL CHARACTERISTICS:
  • Candidate will be a proactive self-starter.
  • Candidate will require little to no immediate supervision or day-to-day tasking.
  • Candidate will possess excellent decision-making skills.
  • Candidate will demonstrate flexibility and possess the willingness to support shift work if needed.
  • Candidate will possess excellent ability to collaborate as a team and possess excellent interpersonal skills.
  • Candidate will possess excellent oral and written communication skills and be able to interact with senior levels of management.
  • Experience working in Cybersecurity with a Bachelor’s Degree in a technical field.
  • Desired Candidates have GIAC or other security certification.
  • Possesses experience supporting the Intelligence Community (IC)
  • Experience analyzing host-based security events and indicators
  • Experience analyzing network-based security events and indicators
  • Experience working in a SOC and supporting incident response
  • Experience with supporting the Joint Worldwide Intelligence System (JWICS).
  • Knowledge of cloud architecture.
  • Knowledge of virtualization capabilities
 
CLEARANCE:
Must possess an active TS clearance (SCI preferred) and the ability to obtain a Q/SCI clearance. To ensure Q clearances are processed in a timely manner (3-6 months), candidates must be natural-born citizens.
 
 