Peraton
Overview
Data Science role at Peraton. Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. The GCC provides CSSP responsibilities and conducts DODIN Operations and DCO - Internal Defensive Measures (IDM) to protect the DODIN IAW the DoDM 8530.01 and the DoD Cybersecurity Services Evaluator Scoring Metrics (ESM). These responsibilities are broken into five CSSP functions; Identify, Protect, Detect, Respond, and Recover. The division provides support services for the protection, monitoring, analysis, detection, and response to unauthorized activity within the DoD Information Systems and Networks. DCO-IDM services defend against unauthorized activity on Army assets residing on the NIPRNet and SIPRNet. The division provides defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. The division provides sensor management and event analysis and response for network and host-based events. Event analysis and response includes reducing multiple cyber incidents to actual malicious threat determinations and mitigating those threats IAW guidance from GCC Government leadership. Responsibilities
Develop reports and products, both current and long-term, in support of CSSP and course of action development. Prepare Tactics, Techniques, and Procedures (TTP), SOPs, Executive Summary (EXSUMS), trip reports, and information/point papers. Contribute to the preparation of agreements, policy, and guidance documentation such as Memorandums of Understanding / Agreement (MOU/A), Service Level Agreements (SLA). Defensive Cyber Infrastructure (DCI) Support. Develop and distribute content provided by security platform vendors at least weekly and as needed. Develop and distribute in-house content based on tips from higher organizations and the Threat Hunt team. Provide content development and distribution to tactical edge customers and develop TTPs for doing so. Consolidate different data sources into a single view used to assess the status of a specific threat on the network. Develop and/or maintain dashboards displaying CSSP items of interest and all active cyber incidents in near real time within each respective Area of Responsibility (AOR). Maintain, update, test, and implement signatures and policies for each sensor managed by GCC. Coordinate changes through the ITIL process and develop signatures and policies for both network- and host-based sensors. Update as necessary to minimize false positives and validate syntax. Conduct development and testing on isolated networks and document testing activity with plans, results, and procedures as signatures are updated. Update and validate the plan at least annually with a signature test plan. Qualifications
Basic Qualifications: 8 years with BS/BA; 6 years with MS/MA; 3 years with PhD Certifications: DCWF Code 521 Advanced or CISSP or GIAC certifications such as GCIA, GCLD, GDSA, GICSP, GSEC, ISSAP, ISSEP, etc. Active TS/SCI Clearance Ability to conduct vulnerability assessments and monitor networks to support test and operational environment requirements. Solid understanding of data transport, encryption, networking, IT systems, and cybersecurity fundamentals. Compensation and Benefits
Target Salary Range: $66,000 - $106,000. Salary is determined by the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and contract considerations. Depending on the position, overtime, shift differential, and a discretionary bonus may be available in addition to base pay. EEO:
Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law. Employment Type
Full-time
#J-18808-Ljbffr
Data Science role at Peraton. Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. The GCC provides CSSP responsibilities and conducts DODIN Operations and DCO - Internal Defensive Measures (IDM) to protect the DODIN IAW the DoDM 8530.01 and the DoD Cybersecurity Services Evaluator Scoring Metrics (ESM). These responsibilities are broken into five CSSP functions; Identify, Protect, Detect, Respond, and Recover. The division provides support services for the protection, monitoring, analysis, detection, and response to unauthorized activity within the DoD Information Systems and Networks. DCO-IDM services defend against unauthorized activity on Army assets residing on the NIPRNet and SIPRNet. The division provides defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. The division provides sensor management and event analysis and response for network and host-based events. Event analysis and response includes reducing multiple cyber incidents to actual malicious threat determinations and mitigating those threats IAW guidance from GCC Government leadership. Responsibilities
Develop reports and products, both current and long-term, in support of CSSP and course of action development. Prepare Tactics, Techniques, and Procedures (TTP), SOPs, Executive Summary (EXSUMS), trip reports, and information/point papers. Contribute to the preparation of agreements, policy, and guidance documentation such as Memorandums of Understanding / Agreement (MOU/A), Service Level Agreements (SLA). Defensive Cyber Infrastructure (DCI) Support. Develop and distribute content provided by security platform vendors at least weekly and as needed. Develop and distribute in-house content based on tips from higher organizations and the Threat Hunt team. Provide content development and distribution to tactical edge customers and develop TTPs for doing so. Consolidate different data sources into a single view used to assess the status of a specific threat on the network. Develop and/or maintain dashboards displaying CSSP items of interest and all active cyber incidents in near real time within each respective Area of Responsibility (AOR). Maintain, update, test, and implement signatures and policies for each sensor managed by GCC. Coordinate changes through the ITIL process and develop signatures and policies for both network- and host-based sensors. Update as necessary to minimize false positives and validate syntax. Conduct development and testing on isolated networks and document testing activity with plans, results, and procedures as signatures are updated. Update and validate the plan at least annually with a signature test plan. Qualifications
Basic Qualifications: 8 years with BS/BA; 6 years with MS/MA; 3 years with PhD Certifications: DCWF Code 521 Advanced or CISSP or GIAC certifications such as GCIA, GCLD, GDSA, GICSP, GSEC, ISSAP, ISSEP, etc. Active TS/SCI Clearance Ability to conduct vulnerability assessments and monitor networks to support test and operational environment requirements. Solid understanding of data transport, encryption, networking, IT systems, and cybersecurity fundamentals. Compensation and Benefits
Target Salary Range: $66,000 - $106,000. Salary is determined by the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and contract considerations. Depending on the position, overtime, shift differential, and a discretionary bonus may be available in addition to base pay. EEO:
Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law. Employment Type
Full-time
#J-18808-Ljbffr