Associate Monitoring Analyst

The Associate Monitoring Analyst supports a Civilian Agency Cyber Security Operations Center (SOC) organization protecting the network security of tens of thousands of users. The work site is located in Leesburg, Virginia.

The Associate Monitoring Analyst responsibilities include:

• Support monitoring of all Information Assurance Devices (IADs) to identify and document all intrusions and attempted intrusions.

• Populate and maintain an intrusions database, and provide data analysis support; analyze data from sensors, network security devices and applications using the security information event management systems, log servers, application interfaces and device consoles provided.

• Document of evidence of system security compromise, generate of trend reports, and collect evidence of malicious or anomalous activity.

• Report security incidents and/or network intrusions to Incident Handlers for dissemination to appropriate DOT points of contacts.

• Identify anomalous and malicious activity.

• Contribute to content creation, prioritize, rank and escalated incidents.

• Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks.

• Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations.

• Assist in producing status reports and briefs to senior leadership; provide analysis for correlated information sources.

• Provide liaison to other agency cyber threat analysis entities such as intra-agency and inter-agency Cyber Threat Working Groups.

• Maintaining proficiency in the use and production of visualization charts, link analysis diagrams, and database queries.

• Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions.

• Associate Monitoring Analysts must provide recommendations based on best practice and experience to develop processes that will enhance efficiencies needed to perform the above.

Any other duties as requested by the Contracting Officer Representative and SOC management.

Qualities/Additional info: Associate Monitoring Analysts provide coverage twelve (12) hours a day, five (5) days a week, including Federal government holidays. Under all risk levels, required shifts are (0600-1400) and (1000-1800 EST\EDT), Monday-Friday, including Federal government holidays. Under all risk levels, the backfill of absent Associate Monitoring Analysts are required for all periods of scheduled and unscheduled leave. At the direction of the COR, the Contractor may be required to move personnel shifts in order to support demanding workloads, especially during core business hours. Associate Monitoring Analysts should be proven team players with excellent oral and written communications skills. Associate Monitoring Analysts should also be a self-starter, capable of working projects cradle-to-grave, independently if necessary. Frequent interaction with government client is required. Occasional local travel. Infrequent (<5%) local travel, infrequent (<5%) long distance travel.

Required Education and Experience:


- Bachelor's degree

- Minimum six (6) years of relevant professional experience.


- In addition to required education or equivalent experience;

- Minimum six (6) years IT experience


- Must have three (3) years experience network security analysis, using intrusion detection systems.

- Must have experience conducting analysis at the packet level.

Preferred Experience:

- Firewall administration experience

- Experience with intrusion detection sensors.

- Experience with Security Information Management Tools (ArcSight).

- CISSP and/or SANS/GIAC Certification (equivalent to two year experience).


Back to top