Job Description
An employer is looking for a TS/SCI Cyber Countermeasures Analyst to sit at Fort Meade. This person will be the subject matter expert for a specific system within the environment (e.g. email, domains) and for the threats associated with that system. They will work directly with the Cyber Threats team, which identifies potential threats, and will be responsible for writing the signatures that address those threats using Snort, Splunk, ArcSight, etc. These signatures will be pushed to headquarters for verification and then implemented on the network to monitor and/or block these threats. To be successful in this role, a candidate will need to be able to analyze high volumes of logs, network data (e.g. NetFlow, PCAP), and other attack artifacts in support of incident investigations, and to understand the life cycle of network threats, attacks, attack vectors and methods of exploitation, with an understanding of intrusion set tactics, techniques and procedures (TTPs).
Skills and Requirements
TS with SCI eligibility
DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent) to start and able to obtain CSSP-A certification within 180 days of start date.
Bachelor's degree and 8 YOE; additional years of experience can be used in place of a degree
Experience analyzing high volumes of logs, network data (e.g. NetFlow, PCAP), and other attack artifacts in support of incident investigations
Intermediate networking knowledge and experience working with ACLs, DMZ, WCF, and firewalls
Knowledge of the cyber kill chain and MITRE ATT&CK methodologies
Proficient understanding of Cyber Network Defense (CND) with regard to protect, detect, respond and sustain within a Computer Incident Response organization
Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements
Experience with DISA and DoD networks.
Experience with malware analysis concepts and methods.
Advanced Certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP.
Experience in intelligence driven defense and/or cyber Kill Chain methodology.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].