The Senior Computer Security Systems Specialist is a member of the Defensive Cyber Operations team (on the DISA GSM-O program). This team supports network assurance activities within DISA.
The candidate will perform the following duties:
- Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks
- Supports cyber security initiatives through both predictive and reactive analysis
- Articulates emerging trends to leadership and staff
- Coordinates resources during incident response efforts, driving incidents to timely and complete resolution
- Performs network traffic analysis using raw packet data, net flow, IDS data, and custom sensor output
- Reviews threat data and develops custom signatures
- Correlates actionable security events and develops unique correlation techniques
- Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in Zero-Day detection
- Uses attack signatures and TTPs associated with Advanced Persistent Threats to identify new threats and attacks
- Conducts basic malware analysis of attacker tools, identifies indicators of compromise, and reverse engineers attacker encoding protocols
- Interfaces with external entities, including law enforcement and intelligence community organizations
- Provides analysis of incidents for customers by:
- determining the incident's nature and formulating responses
- identifying and providing the ability to surge during emergencies
- correlating event and incident data
- determining possible effects on the DODIN, customer networks, and other organizations
- Works independently and within a team as required
- Monitors Computer Network Defense (CND) security-relevant network components
- Performs infrastructure monitoring, performance assessment, new requirement analysis and support
Additional Duties
- Prepare and disseminate CND reports, trends, responses, mitigations, analysis, and information
- Provide support to leadership for CND applicable activities within Protect, Detect, Respond, and Sustain
- Support a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs)
- Support the development, documentation, and tracking of metrics relevant to the ALPs
- Interface with government counterparts and leadership
Required Experience, Education, and Certifications:
• Master's degree from an accredited college in a related discipline, with three (3) years of professional experience; or Bachelor's degree from an accredited college in a related discipline, with five (5) years of professional experience; or ten (10) years professional experience in Information Security, with at least four (4) years specializing in security, vulnerability mitigation techniques, and exploitation methods within enterprise networks
• DoD 8570 Compliant for IAT Level II: Possess a CASP, CCNA-Security, CISSP, CSA+, GICSP, GSEC, Security+ CE, or SSCP certification
• DoD 8570 Compliant for CSSP Analyst within 180 days of employment: Possess a CEH, CFR, CSA+, GCIA, GCIH, GICSP, or SCYBER certification
• Strong communication skills, both written and verbal
• In-depth understanding of TCP/IP protocols, ports, and services
Desired Experience, Education, and Certifications:
• CND experience
• Department of Defense experience
• *NIX familiarity
• Command-line scripting skills (Perl, Python, PowerShell) to automate analysis tasks
• Knowledge of hacker TTPs
• Ability to conduct basic malware analysis
• Demonstrated hands-on experience with various static and dynamic malware analysis tools
• Knowledge of advanced threat actor TTPs
• Understanding of software exploits
• Ability to analyze packed and obfuscated code
• Comprehensive understanding of common Windows APIs and ability to analyze shellcode
Required Clearance: Active TS/SCI
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V