Salary: $170K

Location: San Antonio, TX.

Position Summary: We are seeking a Cyber Defense Analyst (level III) to support NSA Network Security Services (NNSS) in the areas of cyberattack sensing and warning, cyber incident handling, warning intelligence, vulnerability assessments and malware analysis/protection.

Essential Job Functions:

·      Use information collected from a variety of sources to monitor network activity and analyze it for evidence of anomalous behavior.

·      Identify, triage and report events that occur to protect data and information systems.

·      Recommend proactive security measures.

·      Notify stakeholders of suspected incidents, articulating technical information surrounding the suspected incident.

·      Implement mitigations in accordance with cyber incident response plan.

·      Conduct PCAP analysis.

·      Perform advanced manual analysis to hunt previously unidentified threats.

·      Demonstrated ability to analyze and identify network and host-based security threats.

·      Understanding of snort filters and their use in IDS alerts.

·      Understanding of network hardening methodologies.

·      Working knowledge of enterprise-level IDS/IPS and firewall topologies.

·      Provide subject matter expert (SME)-level analysis of advanced adversarial Tactics, Techniques and Procedures (TTPs).

·      Develop and deploy effective threat identifying signatures and countermeasures to various sensors and intrusion prevention systems.

·      Lead and mentor team members as a technical expert.

Minimum Required Qualifications:

·      U.S. Citizenship is required.

·      Required Security Clearance: TS/SCI with FS Poly.

·      Required High School diploma.

·      Eight (8) years of demonstrated experience as a Cyber Defense Analyst.  Two (2) years of experience can be substituted by a technical bachelor’s degree.

·      Two (2) years of experience with TCP/IP.

·      Two (2) years of experience with tcpdump or Wireshark/tshark.

·      Requires GIAC Global Certified Incident Handler (GCIH) certification.

Working Conditions: Work is typically based in a busy office environment and subject to frequent interruptions. Business work hours are normally set from Monday through Friday 8:00 AM to 5:00 PM, however some extended or weekend hours may be required.  Additional details on the precise hours will be informed to the candidate from the Program Manager/Hiring Manager.

 Physical Requirements: May be required to lift and carry items weighting up to 25 lbs. Requires intermittent standing, walking, sitting, squatting, stretching, and bending throughout the workday.

 Background Screening/Check/Investigation: Successful completion of a background screening/check/investigation is required as a condition of hire.

 Benefits: We offer competitive compensation, a flexible benefits package, career development opportunities that reflect its commitment to creating a diverse and supportive workplace.  Benefits include (not all inclusive) medical, vision and dental insurance, paid time-off and company paid holidays, personal development and learning opportunities.

 Other: This employer participates in E-Verify and provides the federal government with your Form I-9 information to confirm you are authorized to work in the U.S.

Keywords: cyber defense analyst, cyber defense analysis, cyberattack sensing and warning, cyber incident handling, cyber warning intelligence, cyber vulnerability assessments malware analysis, malware protection.