Cyber Security Operations Analyst

Employer: AboutWeb
Location: Bethesda, VA
Posted: Jun 12, 2017
Closes: Jul 07, 2017
Industry: Security
Hours: Full Time
Senior Cyber Security Operations Analyst

AboutWeb is currently looking for a Senior Cyber Security Operations Analyst to join a Security Operations organization on a contract with a federal government client with an important mission.

Members of this team are highly motivated, self-driven, and are given great latitude to operate. This is an advanced hybrid role combining Client, investigations, analysis, and hunting. Qualified candidates must have great initiative, a positive and healthy questioning attitude, and a drive to continuously help mature SOC operations. This role affords the opportunity to work with a great team while serving a fulfilling mission. Apply today!
Responsibilities:
Role and Responsibilities:
  • Apply strategic, operational, and tactical cyber intelligence to improve security operations
  • Lead and/or support efforts to prepare for, monitor, detect, analyze/confirm, contain, remediate, and recover from security incidents
  • Conduct deep analysis and hunting operations
  • Perform investigation of network traffic and hosts/endpoints for potential security incidents, to include:
    • Sensor data and log analysis
    • Netflow data
    • Packet captures
    • Memory analysis
    • Disk forensics
  • Provide adequate metrics, documentation, executive summaries and briefings to leadership and other constituents
Qualifications / Requirements:
Required Qualifications:
  • Credentials
    • BS/BA degree
    • Five or more years of work experience
    • Three or more years of cyber security work experience
    • One or more certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, etc.)
  • Sound cyber security knowledge foundation, to include understanding of:
    • Adversary TTPs
    • Network technology and common protocols
    • Network security
    • Host security
    • Malware
    • Security tools and sensors
  • Experience, Skills and Abilities
    • High technical ability/aptitude, demonstrated through prior technical experience and accomplishment
    • Network investigation experience, to include netflow and packet/protocol capture and analysis
    • Endpoint/host forensics experience (disk and memory)
    • SIEM experience
    • Superior analytic skill demonstrated by the quality of output products (analyses, reports, presentations, etc.)
    • Strong critical thinking, problem solving, and organization skills
    • Strong teamwork and collaboration skills
    • Good written and verbal communication skills
    • Ability to pass a security clearance background investigation

Preferred Qualifications:
  • Security clearance
  • Experience and effective participation in hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data
  • Experience and understanding of host-based/endpoint protection systems
  • Cyber intelligence experience
  • Intelligence community experience
  • Programming experience
  • Scripting experience
  • Server administration experience
  • Enterprise forensic tool(s) experience
  • Federal contract experience