Cyber Security Analyst
DA Integrators seeks an experienced Cyber Threat Analyst. The Cyber Security Analysts will be responsible for monitoring, tracking and reporting relevant events, types and sources to the correct departments. These highly skilled individuals will work in various capacities alongside Computer Network Defense (CND) Incident Responders and Cybersecurity Engineers.
Required Security Clearance: Candidates must have at a minimum a current secret clearance with an investigation close-out date less than 6 years old to be considered. Candidates must be able to be cleared for additional special security accesses (SAP) and a top secret clearance to perform the work.
Job Description Duties:
- The Cyber Threat Analysts will be responsible for applying technical and functional expertise to collect, normalize and characterize cyber incident and event data to identify anomalous or malicious activity including intrusions, attacks, data loss or other prohibited activities.
- The Cyber Threat Analysts will analyze and correlate incidents and events that may involve foreign intelligence entities and warn of anticipated hostile attacks against DoD information systems or networks.
- Receive and initial analysis on warning intelligence information and proper sharing of intelligence notifications, notes and reports with customers
- Identify potential impact to customers by analysis of intelligence reports, forensic reports and reverse engineering of malware reports to determine associated indicators of compromise (IOC’s) and using the IOCs to develop and distribute countermeasures to detect and prevent identified threats.
- Evaluation of IOCs from incidents to determine association with known computer network exploitation (CNE) groups and thoroughly investigate the IOCs for other infrastructure possibly related to the CNE teams (domain registration, IP ownership, VPN infrastructure, strains of malware, etc.) for the possible addition of proactive defensive measures.
- Will assist customers in preventing or mitigating the potential impact of cyber-attacks by developing, distributing and sharing countermeasures that may impact networks and information systems with peer DCO organizations and customers.
- A BS/BA degree in Computer Science or related field is required. Must have a CompTIA Security+ certificate and a Certified Ethical Hacker (CEH) certificate prior to starting.
- A minimum of five (5) years of Linux and Networking experience, three (3) years’ experience with IDS, IPS and Host Based Security Solutions and two (2) years of experience with malware analysis tools (such as IDA Pro, Cuckoo Sandbox, OllyDbg) is required
- Must have demonstrable, strong programming skills-specifically in Python and C/C++
- Intermediate to advanced level skills in Microsoft Office software suite – Word, Excel, Outlook, PowerPoint.
- Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience. Presentation and strong public speaking skills are required.
- Strong interpersonal skills and good judgment with the ability to work alone or as part of a team.