Cyber Protection Team Analyst

About The Position

Requirements

• Active Top Secret with SCI eligibility.
• 10+ years of experience in any combination of cyber technology, cybersecurity, offensive cyber operations, penetration testing, coding/scripting, vulnerability assessments, network/system administration, or related fields.
• BA/BS or equivalent years of relevant experience.
• IAT III & CSSP.
• Extensive Cyber Threat/Protection Analysis experience, including experience conducting or supporting Cyber Mission Forces exercises.
• Expert understanding of cyber threats, information security, and monitoring and detection.

Nice To Haves

• Minimum 48 months experience conducting or supporting Cyber Mission Forces exercises.
• Advanced Security Onion Course Certification.
• Advanced Network Forensic and Analysis Certification.
• SIEM with Tactical Analytics (SEC555) completion.
• GIAC Certifications: GCIA, GNFA.
• Offensive Security Certified Practitioner (OSCP).
• Offensive Security Certified Expert (OSCE).
• Windows System Analyst Senior Level Certified.
• Minimum 60 months as certified Senior Level Analyst.
• Microsoft 365 Certified: Modern Desktop Administrator Associate.
• GIAC Windows Security Administrator.
• SIEM with Tactical Analytics (SEC555) completion.
• Offensive Security Certified Practitioner (OSCP).
• Offensive Security Certified Practitioner (OSCE).
• Unix/Linux System Administrator Senior Level Certified.
• Minimum 60 months as certified Senior Level Analyst.
• Enterprise Diagnostic and Troubleshooting Training.
• Enterprise Linux System Administration.
• Active Defense Offensive Countermeasures and Cyber Deception (SEC550).
• SIEM with Tactical Analytics (SEC555).
• Offensive Security Certified Practitioner (OSCP).
• Offensive Security Certified Expert (OSCE).

Responsibilities

• Actively review all data feeds, analytical systems, sensor platforms, and output from other tool products.
• Provide written or oral reports of findings to designated leadership for further investigation or for action.
• Participate in a variety of Information System Security (ISS) activities, including: monitoring of systems status; escalating and reporting potential incidents; creating and updating incident cases and tickets; risk assessment analysis for High Assurance Gateway (HAG) access and Web Access Requests (WARs); analyzing ISS reports; applying various antivirus, intrusion detection, DMA, and vulnerability assessment tools, techniques and procedures; authoring and implementing custom detection content; tuning the SIEM and IDS/IPS events to minimize false positives; authoring and maintaining custom SIEM content; program analysis and review; hardware and software evaluation and analysis; process improvement; data management; and coordination and reporting of ISS-related incidents.
• Investigate and positively identify anomalous events that are detected by security devices or reported from external entities, USCG components, system administrators, and the user community, via security monitoring platform and tools, incoming phone calls, and emails.
• Provide informal investigation, review, and recommendation documentation, as necessary.
• Contribute to deliverables and reports.

Benefits

• healthcare
• wellness
• financial
• retirement
• family support
• continuing education
• time off benefits