Cyber Security Analyst Jobs

Position Description

The ISD Cyber Security Sector is responsible for monitoring and protecting Laboratory information systems. The sector operates and maintains computer network defense (CND) tools and data sources (network and host level) in support of incident response and mitigation processes. Services include briefings to management, advising them of issues that may affect the Laboratory's security posture. The sector also conducts vulnerability assessment scanning at the network, system, and application levels, and coordinates mitigations and communications to the Laboratory community.

ISD Cyber Security Team supports a high side (classified) Cybersecurity Operations Center which manages the ongoing security of multiple classified networks. This position will augment the existing staff in managing and operating the tools specific to the HS CSOC. Candidate will maintain and operate ACAS, HBSS/ESS, Splunk and other CSOC tools specific to the classified environment. These tools require specific accreditation and training from the government and have specific and extensive domain knowledge about operations within a classified government network.

Qualifications

• Strong familiarity with operating system diagnostics, network design and troubleshooting, and how to diagnose security controls and logs for evidence and indicators of compromise
• Technical skills in Linux and Windows server management as well as training in ACAS or HBSS is a requirement
• Good understanding of vulnerabilities, how vulnerabilities are detected and mitigated, how to rate the risk associated with an emerging vulnerability
• 4+ years’ experience in the information security technology field; preferably a BS in an IT related field of study or a Master's degree with 2+ years of experience, or equivalent

Preferred:

• Basic threat management and how to do research across multiple sources to correlate and provide accurate scope to identify, contain, eradicate and recover from a security incident
• Prefer skills in Splunk or SOC operations as well as familiarity with DoD regulations, like STIGs and the operational processes that support them. Demonstrated ability to achieve ongoing educational training. Security+ or better required
• Demonstrated ability to create and contribute to teams in a collaborative and constructive manner
• Understanding of classified Cloud or DevSecOps tools, processes, and infrastructure strongly preferred
• Ability to obtain and maintain a government security clearance

#CJ