Cyber Security Analyst (Government)

The Cybersecurity Analyst is a member of the Defensive Cyber Operations team (on the DISA GSM-O program). This team supports network assurance activities within DISA.

Candidate will perform the following duties:
- Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks
- Supports cyber security initiatives through both predictive and reactive analysis
- Articulates emerging trends to leadership and staff
- Coordinates resources during incident response efforts, driving incidents to timely and complete resolution
- Performs network traffic analysis using raw packet data, net flow, IDS data, and custom sensor output
- Reviews threat data and develops custom signatures
- Correlates actionable security events and develops unique correlation techniques
- Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in Zero-Day detection
- Uses attack signatures and TTPs associated with Advanced Persistent Threats to identify new threats and attacks
- Conducts basic malware analysis of attacker tools, identifying indicators of compromise, and reverse engineer attacker
encoding protocols
- Interfaces with external entities, including law enforcement and intelligence community organizations
- Provides analysis of incidents for customers by:
- determining the incident's nature and formulating responses
- identifying and providing the ability to surge during emergencies
- correlating event and incident data
- determining possible effects on the DODIN, customer networks, and other organizations
- Ability to work independently and within a team as required
- Monitors Computer Network Defense (CND) security-relevant network components
- Performs infrastructure monitoring, performance assessment, new requirement analysis and support

Additional Duties:
- Prepare and disseminate CND reports, trends, responses, mitigations, analysis, and information
- Provide support to leadership for CND applicable activities within Protect, Detect, Respond, and Sustain
- Support a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs)
- Support the development, documentation, and tracking of metrics relevant to the ALPs
- Interface with government counterparts and leadership

Required Experience, Education, and Certifications:
- Master's degree from an accredited college in a related discipline, with three (3) years of professional experience; or
Bachelor's degree from an accredited college in a related discipline, with five (5) years of professional experience; or ten
(10) years professional experience in Information Security, with at least four (4) years specializing in security, vulnerability
mitigation techniques, and exploitation methods within enterprise networks
- DoD 8570 Compliant for IAT Level II: Possess a CASP, CCNA-Security, CISSP, CSA+, GICSP, GSEC, Security+ CE, or
SSCP certification
- DoD 8570 Compliant for CSSP Analyst within 180 days of employment: Possess a CEH, CFR, CSA+, GCIA, GCIH,
GISCP, or SCYBER certification
- In-depth understanding of TCP/IP protocols, ports, and services
- Strong communication skills, both written and verbal

Desired Experience, Education, and Certifications:
- CND experience
- Department of Defense experience
- *NIX familiarity
- Command Line Scripting skills (PERL, Python, PowerShell scripting) to automate analysis task
- Knowledge of hacker TTPs
- Be able to conduct basic malware analysis
- Demonstrated hands on experience with various static and dynamic malware analysis tools
- Knowledge of advanced threat actor TTPs
- Understanding of software exploits
- Ability to analyze packed and obfuscated code
- Comprehensive understanding of common Windows APIs and ability to analyze shellcode

Required Clearance: Active TS/SCI

AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V

Back to top