Location: San Antonio, TX.
Position Summary: We are seeking a Cyber Defense Analyst (level III) to support NSA Network Security Services (NNSS) in the areas of cyberattack sensing and warning, cyber incident handling, warning intelligence, vulnerability assessments and malware analysis/protection.
Essential Job Functions:
· Use information collected from a variety of sources to monitor network activity and analyze it for evidence of anomalous behavior.
· Identify, triage and report events that occur to protect data and information systems.
· Recommend proactive security measures.
· Notify stakeholders of suspected incidents, articulating technical information surrounding the suspected incident.
· Implement mitigations in accordance with cyber incident response plan.
· Conduct PCAP analysis.
· Perform advanced manual analysis to hunt previously unidentified threats.
· Demonstrated ability to analyze and identify network and host-based security threats.
· Understanding of Snort filters and their use in IDS alerts.
· Understanding of network hardening methodologies.
· Working knowledge of enterprise-level IDS/IPS and firewall topologies.
· Provide subject matter expert (SME)-level analysis of advanced adversarial Tactics, Techniques and Procedures (TTPs).
· Develop and deploy effective threat identifying signatures and countermeasures to various sensors and intrusion prevention systems.
· Lead and mentor team members as a technical expert.
Minimum Required Qualifications:
· U.S. Citizenship is required.
· Required Security Clearance: TS/SCI with FS Poly.
· Required High School diploma.
· Eight (8) years of demonstrated experience as a Cyber Defense Analyst. Two (2) years of experience can be substituted by a technical bachelor’s degree.
· Two (2) years of experience with TCP/IP.
· Two (2) years of experience with tcpdump or Wireshark/tshark.
· Requires GIAC Global Certified Incident Handler (GCIH) certification.
Working Conditions: Work is typically based in a busy office environment and subject to frequent interruptions. Business hours are normally Monday through Friday, 8:00 AM to 5:00 PM; however, some extended or weekend hours may be required. The Program Manager/Hiring Manager will provide the candidate with additional details on the precise hours.
Physical Requirements: May be required to lift and carry items weighing up to 25 lbs. Requires intermittent standing, walking, sitting, squatting, stretching, and bending throughout the workday.
Background Screening/Check/Investigation: Successful completion of a background screening/check/investigation is required as a condition of hire.
Benefits: We offer competitive compensation, a flexible benefits package, and career development opportunities that reflect our commitment to creating a diverse and supportive workplace. Benefits include (not all-inclusive) medical, vision and dental insurance, paid time off and company-paid holidays, and personal development and learning opportunities.
Other: This employer participates in E-Verify and provides the federal government with your Form I-9 information to confirm you are authorized to work in the U.S.
Keywords: cyber defense analyst, cyber defense analysis, cyberattack sensing and warning, cyber incident handling, cyber warning intelligence, cyber vulnerability assessments, malware analysis, malware protection.