Cyber Security Analyst Scott
Location: US-IL-Scott AFB
Jobcode: S1698268321892

C3EL has a great opportunity for a Cyber Security Analyst at Scott AFB, IL supporting the GSM-O II contract.

Job Responsibilities:
- Cyber Threat Analysis on the DoD network
- Network Traffic Analysis using packet capture programs
- Conduct routine security audits for compliance
- Respond to alerts and identify malicious threats on the DoD network
- Upgrade network sensors and Security Information and Event Management systems as new threats are discovered
- Manage IDS and IPS devices
- Manage firewalls
- Report findings to USCYBERCOM for review

Minimum Qualifications:
- Top Secret clearance - active, in-scope
- 2+ years of Cyber Security or Information Assurance related experience.
- Due to the nature of the work and contract requirements, US Citizenship is required.
- Current DoD 8570 IAT Level II certification (Security+, CCNA-Security, CySA+, etc.)
- Knowledge of the life cycle of network threats, attacks, and attack vectors.
- Understanding of methods of exploitation and of intrusion set tactics, techniques and procedures (TTPs).
- Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations.
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
- Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture software, Host-Based Forensics, or Network Forensics.
- Experience with malware analysis concepts and methods.
- Unix/Linux command line experience.
- Scripting and programming experience.
- Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
- Willingness to perform shift work.

Desired Qualifications:
- Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP, CASP and/or SIEM-specific training and certification. (CISSP or equivalent).
- Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.

Education:
- Bachelor's degree; however, additional experience, education, and training may be considered in lieu of a degree.

C3EL