Cyber Security Analyst – Windows (Computer Security Systems Specialist (Intermediate))
Are you a problem solver? Do you like complex, challenging puzzles? Do you enjoy traveling and experiencing new environments? If so, this position may be a perfect fit for you. The candidate will be a key player in supporting and evolving the processes, procedures and methodologies for implementing and executing exploitation, analysis, and instruction activities in support of Cyber Protection Teams (CPTs). The candidate will be involved throughout all phases of the CPT mission. Although not all inclusive, the position involves a blending of several disciplines to include, but not limited to; forensics analysis, incident response, reverse engineering, code/script development, and knowledge of network ports, protocols and services.
More specifically, the candidate will:
- Demonstrate an ability to methodically and proactively analyze problems and offer solutions.
- Perform as part of an Incident Response Team – possess knowledge of cyber incident and response, forensics, and related current events.
- Understand and be well versed in common cyber threat terminology, vulnerability and basic knowledge of penetration test principles and methodologies.
- Exhibit good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations.
- Willing to travel 30% of the time with trips varying in length, as dictated by the customer.
- Must possess an active TS/SCI security clearance.
- Must possess an IAT Level III certification: CISSP (or Associate), CASP, CISA, GCED, GCIH, or CCNP-Security.
- Must be willing to obtain additional certifications as required.
- Minimum Bachelor’s degree and 2-years’ experience, Associates degree with 4-years’ experience or 6- years’ equivalent experience without a degree; degrees focused on engineering or applied science.
- Must complete self-assessment questionnaire, customer pre-screen, skills assessment lab, and pass the training and certification program(s) as dictated by the customer, and remain mission ready qualified.
- Candidate should be self-motivated with minimal supervision.
- Intermediate “hands-on” experience with Linux, SED, AWK, Perl, Python, Batch, or similar.
- Intermediate knowledge in packet analysis using Wireshark, tcpdump, Splunk, ELK, Bro, etc.
- Ability to operate and navigate UNIX/Linux operating systems from the command prompt/line with ease.
- Familiarity with common forensics tools and capabilities (i.e., EnCase, Forensic Toolkit (FTK)).
- Cisco knowledge preferred.
- Forensic/Incident Response associated certification preferred (i.e., GCIH, GCFA, GCFE, EnCE certifications).
- RHCSA, Win Server 2012 R2, 2016 MCSA, CEH, CND-AU, Linux+/LPIC-1
- Cyber Security/IT Background