By Light Professional IT Services

  • Cyber Fusion Analyst (TS/SCI)

    Job Locations: US-MD-Fort Meade
    Posted Date: 1 month ago (9/12/2018 11:27 AM)
    ID: 2018-2448
    # of Openings: 3
    Category: Information Technology
    Clearance: TS/SCI
  • Overview

    By Light is hiring a Cyber Security Analyst to join our team supporting the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN), in the J34 Fusion. Working closely with Intelligence Analysts, the analyst will execute fusion operations through network analysis and threat detection, trend analysis, metric development and vulnerability information dissemination. This position will work the normal daytime shift.

    By Light provides a broad range of hardware, software, engineering, and IT integration services. Headquartered in Arlington, VA, we support defense, civilian, commercial, and health IT customers worldwide. We offer an excellent benefits package that includes: medical, dental, vision, life and disability insurance, paid time off, paid holidays, 401(k), and profit sharing.

    Responsibilities

    • Identify and characterize cyber threats to Department of Defense Information Networks (DODIN) through intelligence, operational reporting, and network information.
    • Centrally coordinate and/or recommend CND operations that impact more than one DoD Component.
    • Search for known Indicators of Compromise (IOC) and correlate activity to determine scope of possible compromise.
    • Identify tactics, techniques and procedures used by cyber actors.
    • Provide Defense-wide situational awareness and attack sensing and warning through fusion, analysis and coordinated information flows.
    • Utilize open source intelligence platforms to aid in identification of threats/compromise; coordinate closely with Intelligence Analysts to determine threats to the DODIN.
    • Hunt for adversary activity on DoD networks via log, network, and packet analysis.
    • De-conflict Vulnerability Analysis and Assessments (VAA) and Red Teaming with CND operations, and recommend changes to in-progress or planned VAAs that may negatively impact CND operations.
    • Recommend Information Operations Conditions (INFOCON) changes in response to unauthorized activity (e.g., computer network attacks, computer network exploitation, system misuse), and to mitigate potential damage to DoD information systems and computer networks.

    Required Experience/Qualifications

    • Experience coordinating and/or recommending CND operations that affect more than one DoD Component.
    • Experience conducting Packet Capture (PCAP) Analysis
    • Experience with security information and event management (SIEM) systems
    • Basic understanding of intelligence tools
    • Experience with and/or a working knowledge of the following:
      • Networking infrastructure: routers, switches, and web security gateway
      • TCP/IP Protocols and Services
      • Identification and Access Management
      • Firewalls, Access Control Lists
      • Intrusion Detection/Prevention Systems (IDS/IPS) Configuration Management
      • Demilitarized Zone (DMZ)
      • SIEM and JIMS Reports
      • Data backup/Data Loss Prevention (DLP)
      • Host Based Security System (HBSS)
      • Enterprise Mission Assurance Support Service (eMASS)

    Preferred Experience/Qualifications

    • Security+
    • ITIL v3 Foundation certified.
    • Critical/logical thinking skills.
    • Experience working with the Intelligence Community and priority intelligence requirements.
    • Advanced communication and presentation skills (verbal and written) enabling precise conveyance of information across all CC/S/A/FA with command and proper enunciation of the English language.
    • Experience with the following Tools:
      • ArcSight
      • Wireshark/Ethereal
      • Netcat/Cryptcat
      • Splunk
      • Web Vulnerability Scanners
      • NMAP

    Special Requirements/Security Clearance

    • DOD TS/SCI eligibility is required

     

    An Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
