Data Exploiter (TS/SCI with Poly Required) with Security Clearance

---

Job description

GCI, embodies excellence, integrity and professionalism. The employees supporting our customers deliver unique, high-value mission solutions while effectively leverage the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. We maximize opportunities for success by building and maintaining trusted and reliable partnerships with our customers and industry. At GCI, we solve the hard problems. As a Data Exploiter, a typical day will include the following duties: A qualified Data Exploiter reviews, manipulates, triages, and analyzes large datasets. Candidate is responsible for supporting operational and analytical requirements. Activities include detailed log analysis, network traffic monitoring, and vulnerability risk assessment. The individual will be expected to conduct assessments of software tools and systems to identify vulnerabilities, and work with internal and external technical stakeholders to identify solutions to enrich analysis. Able to follow the entire targeting life cycle by engaging in data exploitation of requirements collection, data analysis, summary and documentation, and actionable information dissemination. KEY RESPONSIBILITIES Provide data exploitation support to the customer. Assist with attribution efforts related to cyber activity. Use a variety of tools and methods to extract information of foreign intelligence, counterintelligence and targeting value from digital data. Create a range of products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs. Work with a team to analyze existing software applications and tools, and recommend new technologies and methodologies to improve team performance. Write and update technical documentation such as user manuals, system documentation, training materials, processes and procedures. Collaborate cross-functionally with data scientists, engineers, developers, targeters, and analysts. Provide recommendations for continuous improvement. Work alongside other team members to sustain and advance our organization's capabilities. Assist with attribution efforts related to cyber activities with a heavy focus on unattributed intrusions. EDUCATION AND EXPERIENCE Bachelor's degree in Computer Science, Information Technology, or other related discipline, or equivalent combination of education, technical certifications, training, and work/military experience. REQUIRED QUALIFICATIONS Demonstrated experience writing python scripts. Experience conducting network traffic analysis. Knowledge of different types of intrusion activity. Prepare a range of tailored products that embody and explain findings Ability to sift through large amounts of unstructured data for key data points (i.e., metadata and artifacts). Demonstrated knowledge of incident response, containment, and mitigation Knowledge of common cyber-attack methods. Demonstrated experience conducting detailed log analysis and system monitoring to understand system status, detect system breaches, and identify other system anomalies. Demonstrated experience performing vulnerability identification, risk analysis, and remediation. Ability to triage, review, identify, and correlate items of interest from numerous all source datasets. Ability to evaluate worldwide security events to assess system impact and/or risk (e.g., zero day exploits, hardware failures, and/or cyber-attacks). Ability to identify and document information that can fill critical gaps. Create new methodologies / algorithms for data analysis and correlation. Create entity / object profiles and derived data sets that enable future opportunities and analytical efforts. Experience with technical collection abilities. DESIRED QUALIFICATIONS Strong understanding of VPNs, VLANs, and TCP/IP. Experience with Linux operating systems. Experience with OS hardening using tools such as CIS-CAT. Ability to working independently with minimal supervision. Experience with navigating an enterprise security accreditation process. Demonstrated experience and understanding of network monitoring tools (e.g Splunk, WSUS, Snare, Wireshark, and Solarwinds). Knowledge of MITRE ATT&CK Framework. A candidate must be a US Citizen and requires an active/current TS/SCI with Polygraph clearance. Salary Range $134,596-$224,764

<!– job description page –>