AdvisorNet

Cyber Analyst PD w TS/SCI in Columbus, Ohio w 8-10 yrs exp

Posted on 2 March 2018 by

Company
Datrose 
Industry
Information Technology 
Location
Blacklick, OH  

Datrose is hiring for an exciting contract opportunity in Columbus, Ohio. If you have 1 plus years of experience and a TS/SCI security clearance, and think you would be a great fit for this position, please send your resume to rvargas@datrose.com ASAP. W2 ONLY.

Job Description
Seeking a senior Cyber Intel Analyst supporting the DISA GSM-O program at xxxx location. The qualified candidate will be a member of the Network Assurance Team supporting the DISA Global Field Command. The analyst will perform cyber threat and vulnerability intelligence analysis, correlate actionable security events, and perform network traffic analysis using various log and data sources, including raw packet data, netflow, IDS, IPS, and custom sensor output, as it pertains to the cyber security of communication networks. The analyst will also participate in the coordination of resources during incident response events and use their knowledge to inform effective, durable countermeasures.
Responsibilities
Perform analysis on relevant network defense data from various sources to establish the timeline of events associated with both attempted and successful network intrusions.
Maintain a high level of situational awareness, and leverage existing understanding of threats to prioritize analysis
Inform countermeasures through identification of new tactics, techniques, and procedures used by threat actors
Mentor junior analysts
Support the development of analytical procedures and advanced detection and correlation content to meet changing requirements, and continue evolution towards a threat-focused Defensive Cyber Operations (DCO) strategy
Support the refinement of SIEM reports to track trends and demonstrate countermeasure effectiveness

Basic Qualifications
Top Secret clearance w/ SCI Eligibility
8570 IAT Level 2 certification (Security+, CCNA-Security, or equivalent) w/ the ability to obtain CND-A certification w/in 180 days of start date
CND experience (Protect, Detect, Respond, and Sustain) within a Computer Incident Response organization
Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures
Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC) and other attack artifacts in support of incident investigations
Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
Willing to perform shift work
Motivated self-starter with strong written and verbal communication skills and the ability to create complex technical reports on analytic findings
Desired Qualifications
Active TS/SCI clearance
Experience w/ DoD Networks
In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform
Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, FPC, Host-Based Forensics, Network Forensics
Unix/Linux command line experience
Scripting and programming experience
Familiarity or experience in Intelligence Driven Defense and/or the Cyber Kill Chain methodology
Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification.
Datrose is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, protected veteran status, or status as a qualified individual with disability.
