System One
Cyber Defense Analyst – 2nd shift (3 pm – 11:30 pm) – Washington, DC (on‑site)
Must be able to obtain Public Trust clearance.
Responsibilities
- Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client.
- Provides timely and actionable sanitized intelligence to cyber incident response professionals.
- Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client’s security posture.
- Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks.
- Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership.
Qualifications
- Bachelor’s degree with 8+ years of cyber security experience (or commensurate experience).
- 7 years of security intrusion detection examination experience involving a range of security technologies that produce logging data; including wide area networks host and network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs.
- Working experience of Splunk SIEM.
- At least five years’ experience working at a senior level, performing analytics examination of logs and console events in the following working experience areas: creating advanced queries methods in Splunk or advanced Grep skills, firewall ACL review, examining Snort based IDS events, PCaps, web server log review, and working in a SIEM environment.