Host Based Systems Analyst - IV TS/SCI
Tasks
- Analyze malicious activity and exploited weaknesses
- Analyze network alerts and determine possible causes
- Analyze network traffic for anomalous activity
- Construct and implement defense signatures
- Correlate events from multiple enterprise sources
- Detect, identify, and alert on attacks and intrusions
- Document and escalate incidents
- Identify and analyze network traffic anomalies using metadata
- Identify applications and operating systems from network traffic
- Identify network mapping and OS fingerprinting
- Monitor system activity with cyber defense tools
- Perform cyber defense trend analysis and reporting
- Produce daily network event summary reports
- Reconstruct malicious activity from network traffic
- Validate IDS alerts with packet analysis
- Validate network alerts with enterprise cyber defense staff
Perks/Benefits
- N/A
Skills/Tech-stack
Data collection | Event Correlation | Event management | Incident Response | Intrusion Detection | Intrusion Detection System | Network Security | Network Traffic | Network Traffic Analysis | Packet Analysis | Protocol analyzer | Python | Security Information and Event Management | Signature development | Snort | Traffic analysis | Trend analysis
Education