Title: Cybersecurity Operations Analyst ~ IVLocation: National Capital Region or Colorado Springs, COClearance: TS/SCI with the ability to obtain and maintain a CI polygraphJob Details:Performs forensic analysis of digital information and gathers and handles evidence. Monitor systems and networks for intrusions and proactively identify security flaws and vulnerabilities, and then develop plans of action to remediate security issues. Performs data analysis and evidence collection and assess and mitigate threats, both past present and future. May use programming skills to help reverse engineer malicious code and help create fixes for vulnerable applications or services on the network. Perform security audits, risk analysis, network forensics and penetration testing in order to analyze, develop, and recommend courses of action.Responsible for the full lifecycle of security incidents involving enterprise systems and data including personally identifiable information (PII) breachesManage and respond to computer security incidents through detection, investigation, analysis, remediation, and reporting of cybersecurity incidents in a timely manner with high qualityHelp improve the overall security posture through obtaining the knowledge of the enterprise systems, and to ensure the timely dissemination of security information to the appropriate stakeholdersPerform analysis of log files from a variety of sources (eg, individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network securityRespond to cyber incidents, including responding to IR phone calls and emails, and preparing situational awareness reports and escalate incidents as neededInvestigate phishing and other user self-identified potential cyber threatsPerform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediationCorrelate incident data to identify specific vulnerabilities and make recommendationsEnsures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies through monitoring of vulnerability scanning devicesIdentifies network computer intrusion evidence and perpetrators, and coordinates with other government agencies to record and report incidentsConduct cyber trend analysis as well as malware analysisIdentify and analyze anomalies in network traffic using metadataCollect intrusion artifacts (eg, source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterpriseTrack incidents thoroughly and communicate with end users and management effectivelyParticipate regularly in working group sessions, to include idea generation for new content rules for security alerting and reduction of false positives.Evaluate the current Computer Security Incident Response Capability (CSIRC) to ensure compliance with federal mandates for incident response and reportingMaintain CSIRC specific Standard Operation Procedures and Incident Response PlansRequirements:Bachelor's degreeExperience working in a DoD or Intelligence Community EnvironmentCurrent active TS/SCI clearance, with the ability to obtain and maintain a CI polygraphCOVID-19: This position requires contractor personnel to attest to being fully vaccinated or, if not fully vaccinated, provide weekly testing results if located at facilities in medium and high community levels; weekly testing is not required for individuals located at facilities at low community levels; based on rates measured by the CDC, those located at facilities in counties with high community levels must always wear a mask; Masks are not required for all those located at facilities at low and medium community levelsEqual Opportunity Employer/Veteran/Disabled