Cyber Intrusion Analyst
Ready for a challenging opportunity to support the Global Enterprise Network Command and Control capabilities for forces stationed around the world, including forces within the Joint Information Environment (JIE)?

The Government executes defensive cyber operations - internal defensive measures (DCOIDM) within the global Enterprise Network and joint networks to include protection, detection, response, recovery, and sustainment functions. Parsons is pursuing an opportunity to support the Government's goal to disrupt, deny, and degrade network adversaries' ability to influence the confidentiality, integrity, availability, authentication and non-repudiation of IT services provided to users on joint networks.

We are seeking a Cyber Intrusion Analyst to join us in managing this work supporting the Defensive Cyber Operations Section (DCOS) by analyzing network traffic, identifying malicious and unauthorized activity, and responding to intrusion incidents; implementing, configuring, operating, and maintaining network defense systems; and auditing network security controls, managing enterprise vulnerabilities, drafting formal direction for review and ensuring compliance with enterprise remediation measures. The primary location of the work will sit in Quantico, VA.

- Provide the capabilities necessary to review exploit code and its associated vulnerabilities, discover enterprise security discrepancies, assess associated risks, and assist with the development of remedial action in coordination with a mitigation team.
- Lead a team in the thorough analysis of the capabilities and effects of adversary tactics, techniques, and procedures (TTPs) within the network to improve the overall defense posture.
- Coordinate and execute external security assessments to discover vulnerabilities in a production environment.
- Prioritize mitigation actions based on assessed risk upon discovery of critical exploits and vulnerabilities within the lab and production environments.
- Conduct, analyze, and review penetration tests and Joint Red Team assessment results to develop Cyber defense recommendations.
- Maintain a lab environment to test adversary tactics, techniques, and procedures.
- Analyze the creation of repeatable data analysis processes that identify the attributes and indications of targeted activity for profile development.

Qualifications:
- 5 years of experience with assessments, including penetration tests of systems and networks in a DoD network environment
- 5 years of experience with developing exploit code for network and system penetration testing
- 5 years of experience with penetration testing of Web applications
- 5 years of experience with developing specialized applications for the assessment and security testing of Web applications
- 5 years of experience with developing and maintaining custom applications that exploit known system vulnerabilities or system mis-configurations to gain system command and control during Red Team operations
- Active TS/SCI clearance
- HS diploma or GED; BS in Computer Science or IT related field desired
- DoD 8570 IAT Level III Certification, including CISA, CASP, CISSP, or GCED
- DoD 8757 CSSP Auditor Certification, including CISA, CEH, or GSNA

Additional Qualifications:
- Experience in implementing or assessing compliance with a DoD, Department of Navy (DON), or US Marine Corps (USMC) CND policies, regulations, and compliance documents
- Experience in assessing compliance with security controls and DoD Secure Technical Implementation Guidelines (STIGs) supporting the DoD IA Certification and Accreditation Process (DIACAP) and Risk Management Framework (RMF)
- Experience with providing the support required to maintain the Government's CSSP accreditation per the standards set forth in the CSSP program manual, DOD -8530.1-M
- BA or BS degree
- Professional level certification in one or more technical fields, including a computing environment (CE), such as Windows, UNIX, or Red Hat Linux

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; active TS/SCI clearance is required.