Cyber Security Analyst (Government)

A member of the Network Assurance (NA) Team (DISA GSM-O program) that lead/support NA Activities within DISA Global.

Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks. Supports cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Coordinates resources during enterprise incident response efforts, driving incidents to timely and complete resolution. Performs network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks. Reviews threat data from various sources and develops custom signatures for Open Source IDS or other custom detection capabilities. Correlates actionable security events from various sources including Security Information Management System (SIMS) data and develops unique correlation techniques. Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats. Develops analytical products fusing enterprise and all- source intelligence. Be able to conduct malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols. Interfaces with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.

  • Candidate will provide CND reports, trends, responses, mitigations, analysis, and information dissemination.
  • Candidate will provide C2 support, situational awareness support, and provide leadership & support for all CND applicable activities within Protect, Detect, Respond, and Sustain.
  • Candidate will support teams within a performance-based environment with pre-determined Acceptable Levels of Performance (ALP’s).
  • Candidate will support the development, documentation and tracking of measurements & metrics relevant to the ALP’s.
  • Candidate interfaces with Government counterparts, both CONUS & OCONUS, along with contract team members.
  • Candidate is responsible for maintaining the integrity & security of enterprise-wide systems & networks.
  • Candidate supports security initiatives through predictive & reactive analysis, and by articulating emerging trends to leadership & staff.

Note: CND Team duties include but are not limited to:

Detect:

  • Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks
  • Correlate actionable security events from various sources, including Security Information Management System (SIMS) data & develop unique correlation techniques
  • Utilize knowledge of attack signatures, tactics, techniques and procedures to aid in the detection of Zero-Day attacks

Response:

  • Participate in the coordination of resources during enterprise incident response efforts
  • Interface with external entities including law enforcement, intelligence community & other government agencies
  • Provide limited analysis of incidents for the customers by: determining the incidents’ nature and formulating responses; identifying & providing the ability to surge during emergencies; correlating event & incident data; determining possible effects on the DODIN, customer networks, and other organizations

Sustain:

  • Review threat data from various sources & aid in the development of custom signatures for Open Source & commercial off-the-shelf (COTS) IDS
  • Provide CND server admin & maintenance of intrusion detection systems, and other associated equipment
  • Ensure security plan compliance
  • Monitor CND security-relevant network components
  • Perform infrastructure monitoring, performance assessment, new requirement analysis and support

Protect:

Provide support to serviced components & appropriate Government oversight entities by implementing DoD-wide Red Team: notifications, reports, assessments, coordination, information collection, performance measurement, requirements identification, and feedback

Basic qualifications are those that the candidate must absolutely possess in order to be selected for the position, and Desired Skills are those skills that would set a candidate apart from the others.

Basic Qualifications:

  • Candidate must possess a CompTIA Security+ with Continuing Education (CE) certification
  • Candidate must have experience supporting CND or related teams.
  • Candidate must have experience working CND duties (e.g., Protect, Defend, Respond, and Sustain).
  • Candidate must have experience working with DoD / Government Leaders at all levels.
  • Candidate must have strong communication skills (both written and verbal).
  • Candidate must have an in-depth understanding of TCP/IP protocols, ports, and services

Desired skills:

  • Candidate should have at least one other IA certification completed, i.e., SSCP, CSIH, GCIA, GCIH or CEH.
  • Candidate should have UNIX Administrative skills.
  • Candidate should have Command Line Scripting skills (PERL, python, shell scripting) to automate analysis task.
  • Knowledge of hacker tactics, techniques, and procedures (TTP).
  • Be able to conduct malware analysis.
  • Demonstrated hands on experience with various static and dynamic malware analysis tools
  • Knowledge of advanced threat actor tactics, techniques and procedures (TTP)
  • Understanding of software exploits.
  • Ability to analyze packed and obfuscated code.
  • Comprehensive understanding of common Windows APIs and ability to analyze shellcode.

Bachelor’s degrees from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master’s degree.

Required Clearance: Top Secret or above.

#LI-ME1

AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V

Requisition ID 1659271


Meet Some of AT&T's Employees

Nancy D.

Traffic Manager

Nancy increases the capabilities of AT&T products by expanding access, tracking, and applications, and designs purposeful and user-friendly devices that can improve people’s lives.

Michael A.

Innovation Coach

Michael inspires and motivates the AT&T Foundry's creative teams to design solid and sophisticated software systems, customer-friendly products and services, and exceptionally efficient company technologies.


Back to top