Cyber Security Analyst with Security Clearance
TEKsystems c/o Allegis Group
2024-11-07 03:38:30
Honolulu, Hawaii, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
This position requires an active DoD Clearance (Secret, Top Secret, Top Secret/SCI) or the ability to be obtain an (Interim Secret, Interim Top Secret) Because an active or interim DoD clearance is required, U.S. Citizenship is required Top Skills' Details
1) IAT II and CND Analyst or IR compliant (Must have CEH, CCNA Cyber, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, or PenTest+)
2) Malware analysis experience
3) IDS/IPS experience and threat hunting/analysis experience
4) Experience with ELK stack (elastic/kabana) Job Description
Computer Network Defense & Incident Response Analyst
Honolulu, Hawaii Minimum of a Secret Clearance Required with ability to obtain TS/SCI Position Description As a CND Incident Response Analyst you will identify, isolate, investigate, inform, and implement measures to detect and protect data across a wide spectrum of sources and locations. You will validate suspicious events or reports and determine if the event constitutes an incident. You will ensure incidents are properly entered into the appropriate reporting system and determine the severity of the incident. Position Requirements and Duties • Maintains familiarity with CJCSM 6510.01B.
• Compiles and maintains internal standard operating procedure (SOP) documentation.
• Ensures associated documentation and capabilities remain compliant with CJCSM 6510.01B and other applicable policy directives.
• Provides network intrusion detection and monitoring, correlation analysis, incident response and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites.
• Validates suspicious events or reports and determine if the event constitutes an incident and properly enter associated data into the appropriate reporting systems.
• Coordinates with JFHQ-DoDIN and supported entities regarding significant incidents to ensure proper analysis is performed and timely and accurate reporting of the incident is completed.
• Provides 24x7 support for the CSSP's Incident Response capability during non-core business hours consistent with CSSP requirements as needed.
• Performs network and host-based digital forensics on Microsoft Windows based systems and other operating systems as necessary to enhance response to, support of, and investigation into significant network incidents.
• Possesses working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.).
• Explores patterns in network and system activity via log correlation using Splunk and supplemental tools
• Possesses understanding of IDS/IPS solutions to include signature development and implementation
• Participates in program reviews, product evaluations, and onsite certification evaluations. -Up to 15% Travel may be required
- Overtime may be required as needed to support incident response actions (Surge)
- Due to the nature of the work required, operations are conducted 24/7/365 with three primary shifts. Choice of shifts will be made available with the understanding that placement is at the discretion of the CSSP Services Director and/or assigned manager. Qualifications 4+ years experience in Cybersecurity Service Provider (CSSP) environment or similar
DoD or DoN Cybersecurity Workforce (CSWF) Certification or compliance (DoDD 8140 or SECNAV M-5239)
Required Skills Knowledge of Incident Response Procedures
Knowledge of Packet Analysis
Knowledge of IDS/IPS solutions
Familiarity with various Host-Based Tools
Experience with Log Aggregation Tools
Logical thinking and analytical ability
Verbal and written communication ability
Highly Desired Skills Knowledge of CJCSM 6510.01B
Experience with Digital Forensics
The ability to solve problems independently
Additional Skills & Qualifications
Must be IAT II and CND IR compliant. SHIFTS: Two shifts, both working four ten hour days. Front half of the week (Sunday through Wednesday) and back half of the week (Wednesday through Saturday).
Flexible with what shift - 4 - 10's or 5 8's IAT II Certs and Above: CCNA Security, CySA+ , GICSP, GSEC, Security+ CE, CND, SSCP, CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP CSSP Certs: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+ , GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+, SSCP, CHFI, CFR, CND, CCNA-Security, GCFA, CISA, GSNA CISM, CISSP, CCISO Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long-term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave (PTO, Vacation or Sick Leave)