Cyber Security Analyst - Hill AFB
Ogden, UT
⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️
C3EL
Designing, Building, Integrating and Delivering Command Center Solutions to the Department of Defense and Law Enforcement AgenciesC3EL has a great opportunity for a Cyber Security Analyst at Hill AFB, UT supporting the GSM-O II contract.
Job Responsibilities:
- Cyber Threat Analysis on the DoD network
- Network Traffic Analysis using packet capture programs
- Conduct routine security audits for compliance
- Respond to alerts and identify malicious threats on the DoD network
- Upgrade network sensors and Security Information and Event Management systems as new threats are discovered
- Manage IDS and IPS devices
- Manage firewalls
- Report findings to USCYBERCOM for review
Minimum Qualifications:
- Top Secret clearance - active, in-scope
- 2+ years of Cyber Security or Information Assurance related experience.
- Due to the nature of the work and contract requirements, US Citizenship is required.
- Current DoD 8570 IAT Level II certification (Security+, CCNA-Security, CySA+, etc.)
- Knowledgeable of the life cycle of network threats, attacks, attack vectors.
- Understanding of methods of exploitation and of intrusion set tactics, techniques and procedures (TTPs).
- Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Hands-on experience analyzing high volumes logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations.
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
- Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture software, Host-Based Forensics, or Network Forensics.
- Experience with malware analysis concepts and methods.
- Unix/Linux command line experience.
- Scripting and programming experience.
- Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
- Willingness to perform shift work.
Desired Qualifications:
- Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP, CASP and/or SIEM-specific training and certification. (CISSP or equivalent).
- Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
Education:
- Bachelor's degree, however additional experience, education, and training may be considered in lieu of a degree
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ArcSight Audits CASP+ CISSP Clearance Compliance DoD DoDD 8570 Firewalls Forensics GCIA GCIH GIAC IDS IPS Linux Malware QRadar SANS Scripting SIEM Splunk TCP/IP Top Secret Top Secret Clearance TTPs UNIX
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.