Cyber Network Defense Analyst with Security Clearance
Company: UICGS and Bowhead Family of Companies
Location: Dayton
Posted on: April 24, 2024
Job Description:
Overview

Bowhead seeks a Cybersecurity Network Defense Analyst to join our team in Dayton, OH. The Cybersecurity Network Defense Analyst uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purpose of mitigating threats. They provide on-site 24x7x365 operational support in the form of event/incident handling and analysis capability to cybersecurity service subscribers. These highly skilled individuals will work in various capacities alongside Warning Intelligence Analysts and Engineers. The Cybersecurity Network Defense Analyst will work in the Attack Sensing and Warning (AS&W) division, which senses changes in subscriber networks through comparison to established baselines and the fusion/integration of closed and open source intelligence to enhance sensing capability. They will perform the analysis of disparate data sources to form a cohesive view of the current cybersecurity state. They will characterize and analyze network traffic to identify anomalous activity and potential threats to network resources. These positions are in a 24x7x365 cybersecurity environment, and qualified candidates must be able to work 12-hour night shifts.

Responsibilities
--- Receive and distribute AS&W information
--- Conduct AS&W activities to develop appropriate responses (receive and archive task orders, directives, and other required actions, and maintain internal and external source location information)
--- Coordinate AS&W information from other sources to aid in the analysis of alerts
--- Analyze Intrusion Detection System alerts to identify unauthorized or anomalous activity
--- Identify, document, and report unauthorized activity/attacks (including IP addresses and ports, attack vector, and attack timeframe) in all incidents and reports per HPCMP CSSP SOPs
--- Take action, if appropriate, to prevent or mitigate potential impact to the DODIN based on cyber threats, and develop and distribute countermeasures and interim guidance to prevent or mitigate threats and/or attacks on the DODIN
--- Monitor a platform capable of performing information security continuous monitoring (ISCM) for the purposes of detecting cyber intrusions, attacks, anomalous behavior, and possible insider threats
--- Collect intrusion artifacts (e.g., source code, malware, and trojans)
--- Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
--- Report incidents and events within proper channels and within the timelines identified in CJCSM 6510.01B
--- Provide a 24x7x365 event/incident handling and analysis capability
--- Provide an operations log, accessible to personnel, documenting all mandated reportable cyber events/incidents
--- Analyze detected cyber events to identify incidents
--- Categorize and characterize cyber incidents
--- Notify affected subscribers of cyber incidents and collect assessments of mission impact for the loss of the system during the incident response process
--- Analyze cyber incidents to develop specific responses
--- Distribute tailored countermeasures or interim guidance to subscribers to eradicate and prevent cyber incidents across all subscribers
--- Perform forensic analysis of systems and malware in cases where subscribers lack the capability, and ensure relevant IOCs are shared with Warning Intelligence
--- Mitigate operational and/or technical impact due to cyber incidents
--- Contain the spread of malware to prevent further damage to IT systems through detection, analysis, and execution of containment measures

Qualifications
--- Must possess a Bachelor's degree or equivalent experience
--- Must have at least 2 years of intrusion detection experience
--- Must have at least 2 years of relevant IT and/or system administrator experience and 2 years of relevant information security experience
--- Must hold the certifications for DoD 8570 IAT Level II at a minimum
--- Must hold the certifications for DoD 8570 CSSP-Analyst or CSSP-Incident Responder
--- Must be able to earn a DoD 8570 computing environment certification within 6 months
--- Understanding of network hardware devices and experience configuring Access Control Lists, or other firewall or router configuration experience
--- Ability to demonstrate strong knowledge of computer security concepts
--- Ability to communicate effectively and to interpret regulatory guidance and identified vulnerabilities for a wide audience
--- Advanced knowledge of network technologies and protocols
--- Advanced understanding of current threats and trends in the information security and technology field
--- Must complete the specified Joint Qualification Requirement training within 180 days of date of hire, unless otherwise specified

SECURITY CLEARANCE REQUIRED: Must be able to obtain and maintain a Secret clearance. US citizenship is a requirement for a Secret clearance at this location.

Physical Demands:
--- Must be able to lift up to 25 pounds
--- Must be able to stand and walk for prolonged amounts of time
--- Must be able to twist, bend, and squat periodically