Cybersecurity Analyst (Government)

The Cybersecurity Analyst is a member of the Defensive Cyber Operations team (on the DISA GSM-O program). This team supports network assurance activities within DISA.

Candidate will perform the following duties:

  •  Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks
  • Supports cyber security initiatives through both predictive and reactive analysis Articulates emerging trends to leadership and staff
  • Coordinates resources during incident response efforts, driving incidents to timely and complete resolution
  • Performs network traffic analysis using raw packet data, net flow, IDS data, and custom sensor output
  • Reviews threat data and develops custom signatures
  • Correlates actionable security events and develops unique correlation techniques Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in Zero-Day detection
  • Uses attack signatures and TTPs associated with Advanced Persistent Threats to identify new threats and attacks
  • Conducts basic malware analysis of attacker tools, identifying indicators of compromise, and reverse engineer attacker encoding protocols
  • Interfaces with external entities, including law enforcement and intelligence community organizations
  • Provides analysis of incidents for customers by:

  • determining the incident's nature and formulating responses
  • identifying and providing the ability to surge during emergencies
  • correlating event and incident data determining possible effects on the DODIN, customer networks, and other organizations

  • Ability to work independently and within a team as required
  • Monitors Computer Network Defense (CND) security-relevant network components
  • Performs infrastructure monitoring, performance assessment, new requirement analysis and support

Additional Duties:

  • Prepare and disseminate CND reports, trends, responses, mitigations, analysis, and information
  • Provide support to leadership for CND applicable activities within Protect, Detect, Respond, and Sustain Support a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs)
  • Support the development, documentation, and tracking of metrics relevant to the ALPs
  • Interface with government counterparts and leadership


Required Experience, Education, and Certifications:
  • Master's degree from an accredited college in a related discipline, with three (3) years of professional experience; or Bachelor's degree from an accredited college in a related discipline, with five (5) years of professional experience; or ten (10) years professional experience in Information Security, with at least four (4) years specializing in security, vulnerability mitigation techniques, and exploitation methods within enterprise networks
  • DoD 8570 Compliant for IAT Level II: Possess a CASP, CCNA-Security, CISSP, CSA+, GICSP, GSEC, Security+ CE, or SSCP certification
  • DoD 8570 Compliant for CSSP Analyst within 180 days of employment: Possess a CEH, CFR, CSA+, GCIA, GCIH, GISCP, or SCYBER certification
  • In-depth understanding of TCP/IP protocols, ports, and services
  • Strong communication skills, both written and verbal

Desired Experience, Education, and Certifications:
  • CND experience
  • Department of Defense experience
  • *NIX familiarity
  • Command Line Scripting skills (PERL, Python, PowerShell scripting) to automate analysis task
  •  Knowledge of hacker TTPs
  • Be able to conduct basic malware analysis
  • Demonstrated hands on experience with various static and dynamic malware analysis tools
  • Knowledge of advanced threat actor TTPs
  • Understanding of software exploits
  • Ability to analyze packed and obfuscated code
  • Comprehensive understanding of common Windows APIs and ability to analyze shellcode

Required Clearance: Active TS/SCI


Back to top