Job Description
Cybersecurity Analyst (onsite Wed, Thurs, Fri and alternating Saturdays 7am-7pm)
Certification requirements:
o t start date must possess an active CompTIA Security+CE certification.
o t start date , must possess one of the following CSSP Incident Responder certifications:
§ CySA+, CEH, or GCIH
o When 8140 requirements are implemented on program/contract, employee will need to conform to 8140 certification standards.
• Please note that pursuant to a government contract, this specific position requires U.S. Citizenship.
All applicants must have current DoD Secret clearance day one and prior to entry on duty.
Supports the Army National Guard Department of Defense Information Network's IT infrastructure, cybersecurity, application hosting and associated services. This enterprise network, one of the nation's largest in the Department of Defense, provides soldiers with access to the Internet, securely allows them to connect with other databases and networks, and provides leaders with tools for training, mission planning and execution. The network supports more than 124,000 users at 3,000 locations across all U.S. states, territories, and the District of Columbia.
• Bachelor's degree from an accredited institution in cybersecurity, information assurance, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
• Please note that pursuant to a government contract, this specific position requires U.S. Citizenship.
• ll applicants must have current DoD Secret clearance day one and prior to entry on duty.
• 6+ years of overall demonstrated experience in cybersecurity, information assurance or computer science.
• Certification requirements:
o t start date must possess an active CompTIA Security+CE certification.
o t start date, must possess one of the following CSSP Incident Responder certifications:
§ CySA+, CEH, or GCIH
o When 8140 requirements are implemented on program/contract, employee will need to conform to 8140 certification standards.
• Excellent problem solving, analytical, and decision-making capabilities, including understanding user requirements, troubleshooting technical issues, successfully resolving issues and challenges, and developing creative solutions for process improvement.
• Dependability, in that the individual is consistently at work and on time, follows instructions, responds to management direction, and solicits feedback to improve.
• Must have:
o Strong customer service experience as this position will require candidate to engage with senior military and government leadership.
o bility to present ideas clearly through briefings, meetings and interaction with leadership of different skill sets.
o bility to provide training sessions as required.
o bility to engage with stakeholders to ensure tasks are progressing and meeting timelines.
o bility to work under time constraints and adapt to changes in requirements and new projects.
o bility to maintain and upgrade certifications.
o bility to assimilate information rapidly, motivated to self-study new requirements.
o Maintain current industry knowledge of relevant concepts, practices, and procedures.
• Familiar with:
o DoD 2875 account request processes
o CTCS training system
• Excellent communication and documentation skills, with strong organizational and collaborative skills.
• Strong teamwork and engagement as a project team member.
Essential Duties and Responsibilities: This position will include, but is not limited to, the following tasks:
• Perform forensic analysis of digital information and gathers and handles evidence. Identify network computer intrusion evidence and perpetrators.
• Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
• Interpret, analyze, and report all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
• Evaluate, test, recommend, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
• Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
• Identify security risks and exposures, determine the causes of security violations, and suggest procedures to halt future incidents and improve security.
• Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks, or leaks.
• Correlate data feeds and logs to analyze with known threats and incidents, build, implement, and refine event correlation rules, logic, content, and analysis techniques that will enable SOC personnel to correlate events and security incidents with specific sources, such as individuals, threat actors, IT systems, devices, and IP addresses.
• Responsible for performing correlation activities and trend analysis to Client attack patterns and assess the risks and potential exposure of assets and develop and enhance correlation rules, logic, and analysis techniques for associating data.
• Provide guidance to junior-level staff, as necessary. May serve as team or task lead.
• Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
• ssists in the implementation, management, and administration of the organization's structure and workflow within eMASS.
• Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (Client).
• ssist in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.
• ssist ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.
• ssist in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews.
• Support the identification, dissemination and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army and NIST guidance.
Job Tags
Contract work, Work experience placement, Work at office, Saturday,