Cybervance, Inc.

Sr. Cyber Defense Analyst

Cybervance, Inc., Washington, District of Columbia, US, 20022


Sr. Cyber Defense Analyst
Washington, D.C. | Full-time

Cybervance is an equal opportunity employer that designs, develops, and manages the successful execution of training programs for government and private sector organizations. Cybervance believes in creating innovative solutions to deliver measured results. We are looking for a Senior Level Cyber Defense Analyst with an active Top-Secret Clearance/SCI for an on-site team located in Washington, D.C.

Responsibilities

Interpret information collected by network tools (e.g., Nslookup, Ping, Traceroute).
Conduct independent analysis of events generated by SIEM and security tools.
Create custom detection rules to query log data for indicators of compromise.
Perform security event analysis from start to finish, determining root cause.
Create and review standard operating procedures with minimal supervision.
Mentor junior personnel and guide analysis beyond their capabilities.
Understand host/network access control mechanisms (e.g., ACLs).
Utilize vulnerability information sources (alerts, advisories, bulletins).
Apply incident response and handling methodologies.
Recognize incident categories, responses, and timelines.
Operate front-end collection systems, including traffic filtering and selection.
Implement system, network, and OS hardening techniques.
Follow cyber defense policies, procedures, and regulations.
Identify common network attack vectors and attack classes.
Understand various attacker profiles (script kiddies, insiders, nation-sponsored).
Knowledge of network communication types (LAN, WAN, WLAN, WWAN).
Recognize file extensions relevant to security analysis (.dll, .zip, .pcap, etc.).
Develop content for cyber defense tools.
Analyze network traffic to identify anomalies and threats.
Coordinate with cyber defense teams to validate alerts.
Ensure cybersecurity products and controls reduce risks effectively.
Document and escalate incidents with details on impact and history.
Perform trend analysis and reporting on cyber defense activities.
Correlate events from multiple sources for situational awareness.
Conduct security reviews and recommend improvements.
Identify and analyze network traffic anomalies using metadata.
Research, analyze, and correlate data from various sources.
Validate IDS alerts through packet analysis.

Qualifications

Bachelor’s degree or higher.
6+ years’ experience in network/data analysis, malware detection, intrusion signature development, and information assurance.
Strong communication skills with attention to detail.
Certifications related to incident handling, network and system attacks, and security principles.

Preferred Qualifications

Experience with intrusion detection systems (e.g., Snort).
Ability to analyze malware and perform vulnerability scans.
Skills in evaluating security system resilience and dependability.
Experience with security design assessments.
Proficiency in incident handling methodologies.
Experience with protocol analyzers and cyber defense resources.
Knowledge of signatures (e.g., Snort) and security controls (e.g., NIST, CIS).
Ability to source data accurately for intelligence and assessments.
Apply cybersecurity and privacy principles aligned with organizational requirements.
