The Cybersecurity Analyst is a member of the Defensive Cyber Operations team (on the DISA GSM-O program). This team supports network assurance activities within DISA.
Candidate will perform the following duties:
- Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks
- Supports cyber security initiatives through both predictive and reactive analysis
- Articulates emerging trends to leadership and staff
- Coordinates resources during incident response efforts, driving incidents to timely and complete resolution
- Performs network traffic analysis using raw packet data, net flow, IDS data, and custom sensor output
- Reviews threat data and develops custom signatures
- Correlates actionable security events and develops unique correlation techniques
- Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in Zero-Day detection
- Uses attack signatures and TTPs associated with Advanced Persistent Threats to identify new threats and attacks
- Conducts basic malware analysis of attacker tools, identifying indicators of compromise, and reverse engineer attacker encoding protocols
- Interfaces with external entities, including law enforcement and intelligence community organizations
- Provides analysis of incidents for customers by:
Want more jobs like this?
Get jobs delivered to your inbox every week.
- determining the incident's nature and formulating responses
- identifying and providing the ability to surge during emergencies
- correlating event and incident data
- determining possible effects on the DODIN, customer networks, and other organizations
- Ability to work independently and within a team as required
- Monitors Computer Network Defense (CND) security-relevant network components
- Performs infrastructure monitoring, performance assessment, new requirement analysis and support
Additional Duties:
- Prepare and disseminate CND reports, trends, responses, mitigations, analysis, and information
- Provide support to leadership for CND applicable activities within Protect, Detect, Respond, and Sustain
- Support a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs)
- Support the development, documentation, and tracking of metrics relevant to the ALPs
- Interface with government counterparts and leadership
Required Experience, Education, and Certifications: • Master's degree from an accredited college in a related discipline, with three (3) years of professional experience; or Bachelor's degree from an accredited college in a related discipline, with five (5) years of professional experience; or ten (10) years professional experience in Information Security, with at least four (4) years specializing in security, vulnerability mitigation techniques, and exploitation methods within enterprise networks • DoD 8570 Compliant for IAT Level II: Possess a CASP, CCNA-Security, CISSP, CSA+, GICSP, GSEC, Security+ CE, or SSCP certification • DoD 8570 Compliant for CSSP Analyst within 180 days of employment: Possess a CEH, CFR, CSA+, GCIA, GCIH, GISCP, or SCYBER certification • In-depth understanding of TCP/IP protocols, ports, and services • Strong communication skills, both written and verbal
Desired Experience, Education, and Certifications: • CND experience • Department of Defense experience • *NIX familiarity • Command Line Scripting skills (PERL, Python, PowerShell scripting) to automate analysis task • Knowledge of hacker TTPs • Be able to conduct basic malware analysis • Demonstrated hands on experience with various static and dynamic malware analysis tools • Knowledge of advanced threat actor TTPs • Understanding of software exploits • Ability to analyze packed and obfuscated code • Comprehensive understanding of common Windows APIs and ability to analyze shellcode
Required Clearance: Active TS/SCI
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V