By Light HQ

Cybersecurity Operations and Defense Analyst

Job Locations US-MD-Fort Meade
Posted Date 19 hours ago(9/22/2021 10:20 AM)
# of Openings


Provide network operations and cyber defense support to the Defense Information Systems Agency (DISA) in support of the DoD and COCOMs. Execute in real time, in accordance with mission requirements, provide holistic enterprise defensive strategies for enterprise cyber security capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies.


  • Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies while performing cyber situational awareness activities to provide analysis and recommendations of situation awareness capabilities.
  • Conduct micro and macro analysis of enterprise cybersecurity defensive strategies to enable operational effectiveness and defense.
  • Analyze policy, program management office managed systems, hardware, and software, cloud, network infrastructure in order to recommend methods and strategies that reduce and/or managed impacts.
  • Provide operational assessments, analysis, metrics, recommendations, and enhancements to address Current Operations, Future Operations and long term plans.
  • Provide proactive cyber security, incident management, and impact assessments based on enterprise cyber security capabilities implemented.
  • Perform defensive strategy configuration management support including:
    • Cloud Security: Develop strategies to monitor, detect, and prevent unauthorized manipulation and access of services and data in transit, at rest, and in use
    • Boundary Security: (Gateways, Cross-Domain Peering Points, Joint Regional Security Stacks (JRSS) or Network Gateways, Internet Access Points or General Boundaries): Identify, discover, and maintain cognizance of the DODIN boundary, inclusive of IAPs, peering points, and other major points of ingress/egress to the DODIN; Document and maintain boundary architectures, understand employed defensive capabilities and available sensor data
    • Endpoint Security: Perform Endpoint security management and security analysis, to include planning, and assessing, and/or providing the reporting of enterprise strategies for compliance, signatures and integration strategies with mid-tier, and boundary capabilities
    • Develop metrics and measures and recommend standards to support assessments, process improvements and operational efficiencies at HQ and across the DODIN
  • Manage enterprise-wide malware analysis collaboration and sharing of IOCs
  • Support development and management of a malware analysis environment
  • Analyze and document the function, behavior, origin, and impact of malware samples; support the calculation of risk to the DODIN
  • Develop and recommend malware analysis SOPs/TTPs for the collection, analysis and protection of the DODIN

Required Experience/Qualifications

  • Bachelor's degree in a related discipline with 4 to 8 years of applicable combined education and experience; additional related years of experience is accepted in lieu of a degree.
  • IAT Level II & III, IAM Level II, CSSP Analyst, (Security +, CySA+, CND, CISSP, CASP+, GCIA, GCIH, GCFA, CEH)
  • Familiarity with all related aspects of cybersecurity operations/analysis (e.g. incident response & management, forensic media analysis, malware analysis/reverse-engineering, cyber threat intelligence analysis, etc.) and security architecture & engineering.
  • In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies (TTPs).
  • Proficiency working with various types of network data (e.g. netflow, PCAP, custom application logs)

Preferred Experience/Qualifications

  • Experience with DISA and DoD Networks.
  • Skilled in building extended cyber security analytics.
  • Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership.
  • Experience in intelligence driven defense and/or cyber Kill Chain methodology.

Special Requirements/Security Clearance

  • Active DoD TS/SCI clearance and eligible for C/I Polygraph


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed