By Light HQ

Cybersecurity Fusion Analyst

Job Locations US-MD-Fort Meade
Posted Date 4 hours ago(9/22/2021 10:21 AM)
ID
2021-6507
# of Openings
1
Category
Cyber
Clearance
TS/SCI

Overview

Provide network operations and cyber defense in support of the DoD and CoCOMs. Execute in real time, in accordance with mission requirements, incident handling, triage of events, network analysis and threat detection, trend analysis, metric development, vulnerability information dissemination, and the DoD CNDSP methodology to specifically address the tracking and projection of multistage attacks to prepare, better understand and examine the entire threat picture to provide greater context and visibility into adversaries’ conduct and tactics.

Responsibilities

  • Leverage intelligence and operational data, information and processes to identify threats, improve security, and reduce the enterprise’s exposure of vulnerabilities.
  • Support various collaborative and cross functional (Intelligence, Current Operations, Future Operations, Logistics, Planning, Resourcing and Requirements) forums to achieve centrally coordinated, threat informed and prioritized vulnerability scoring and mitigation methodology.
  • Support the development of Cyber Fusion Standard, Cyber Fusion Framework and Methodology based on industry best practice and department of defense instruction, guidance, and policy.
    Perform threat informed analysis by leveraging serialized reporting, intelligence product sharing, OSINT, and open source vulnerability information to ensure prioritized plans are developed.
  • Analyze and document malicious cyber actors TTPs, providing recommendations and alignment to vulnerabilities and applicability to the enterprise operational environment.
  • Discover adversary campaigns, anomalies and inconsistencies in sensor and system logs, SIEMs, and other data; investigate to identify or rule out system compromises, provide written analytic summaries and attack life cycle visualizations.
  • Provide threat analysis, track relevant prioritized incidents and provide recommended reporting requirements in coordination with JDOC.
  • Provide risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities.
  • Recommend adjustment of countermeasures, enterprise or tactical, to account for threats impacting the DODIN.
  • Recommend adjustment of prioritized enterprise focused analysis based on immediate threat identified based on intelligence and other analysis performed.

Required Experience/Qualifications

  • Bachelor's degree in a related discipline with 8 to 12 years of applicable combined education and experience; additional related years of experience is accepted in lieu of a degree.
  • IAM Level II & III, CSSP Analyst, (Security +, CySA+, GICSP, GSEC, CND, CISSP, CASP+, GCIA, GCIH, GCFA, CEH), GIAC Certification, Cloud Security Architecture and Operations Familiarity with all related aspects of cybersecurity operations/analysis (e.g. incident response & management, forensic media analysis, malware analysis/reverse-engineering, cyber threat intelligence analysis, etc.) and security architecture & engineering.
  • In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies (TTPs).
  • Proficiency working with various types of network data (e.g. netflow, PCAP, custom application logs)

Preferred Experience/Qualifications

  • Experience with DISA and DoD Networks.
  • Skilled in building extended cyber security analytics.
  • Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership.
  • Experience in intelligence driven defense and/or cyber Kill Chain methodology.

Special Requirements/Security Clearance

  • Active DoD TS/SCI clearance and eligible for C/I Polygraph

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed