System One
Cyber Defense Analyst – 2nd shift (3 pm – 11:30 pm) – Washington, DC (on‑site)
Must be able to obtain Public Trust clearance.
Responsibilities
Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client.
Provides timely and actionable sanitized intelligence to cyber incident response professionals.
Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client’s security posture.
Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks.
Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership.
Qualifications
Bachelor’s degree with 8+ years of cyber security experience (or commensurate experience).
7 years of security intrusion detection examination experience involving a range of security technologies that produce logging data; including wide area networks host and network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs.
Working experience of Splunk SIEM.
At least five years’ experience working at a senior level, performing analytics examination of logs and console events in the following working experience areas: creating advanced queries methods in Splunk or advanced Grep skills, firewall ACL review, examining Snort based IDS events, PCaps, web server log review, and working in a SIEM environment.
#J-18808-Ljbffr
Responsibilities
Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client.
Provides timely and actionable sanitized intelligence to cyber incident response professionals.
Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client’s security posture.
Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks.
Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership.
Qualifications
Bachelor’s degree with 8+ years of cyber security experience (or commensurate experience).
7 years of security intrusion detection examination experience involving a range of security technologies that produce logging data; including wide area networks host and network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs.
Working experience of Splunk SIEM.
At least five years’ experience working at a senior level, performing analytics examination of logs and console events in the following working experience areas: creating advanced queries methods in Splunk or advanced Grep skills, firewall ACL review, examining Snort based IDS events, PCaps, web server log review, and working in a SIEM environment.
#J-18808-Ljbffr