Posted in

Cyber Security Analyst Tier III

Cyber Security Analyst Tier III

CompanyGeneral Dynamics
LocationShreveport, LA, USA
Salary$114525 – $143750
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior, Expert or higher

Requirements

  • Technical Training, Certification(s) or Degree, 8+ years of experience
  • Cyber Ark Experience
  • Splunk Experience
  • Qualifying Certification to meet DoD IAT Level III and CSSP Analyst (DoD 8570) requirements to be met within 6 months of starting the position: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, and/or PenTest+

Responsibilities

  • Provide expertise with Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), Threat Hunting/Intelligence, and customer facing escalations, containment/remediation activities.
  • Provide technical support on event network security logs and trend analysis.
  • Detect the full spectrum of known cyberattacks (e.g., DDoS, malware, phishing, others).
  • Uncover and pinpoint security violations of compromised systems and devices
  • Correlate security events from various capabilities to identify attacks and breaches.
  • Analyze and acts on intelligence information to secure customer networks and devices
  • Recognize successful and unsuccessful intrusion attempts and compromises.
  • Triage security events utilizing relevant details and summary information.
  • Prepare incident reports of analysis methodology and results.
  • Observe, document and report actions taken by malicious actors in customer networks.
  • Accurately and appropriately prioritize and escalate incidents.
  • Examine malware analysis reports and other reporting from incidents to correlate similar events.
  • Conduct log and system analysis for various system, and network and security devices.
  • Document emerging threat intelligence and reported IOCs for security tool integrations.
  • Create and update rules or signatures in security tools and applications.
  • Escalate identified security incidents to the appropriate teams or POCs.
  • Recommend appropriate methods of system remediation and threat mitigation, as needed.
  • Maintain a current understanding of the best practices and strategies used in cyber security.
  • Motivate self and co-workers to expand knowledgebase and capabilities.
  • Develop lessons learned documentation, reporting, and playbooks/SOPs for response within the environment.
  • Provide content engineering expertise to include analyzing, designing, developing and delivering solutions to stop adversaries.

Preferred Qualifications

  • 10+ years of relevant experience
  • Strong analytical, organizational and project management skills
  • Understanding of networking fundamentals, the OSI model, and TCP/IP protocols
  • Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.)
  • Experience reviewing network, host and application audit logs (system, security, etc.)
  • Relevant security certifications (Network+, CEH, CCNA, etc.)
  • Familiarity of security standards (NIST, FISMA, Fed RAMP, DCID, CNSS and DoD 8500)
  • Knowledge of cloud IT solutions and security considerations of cloud solution deployment
  • Experience with any SIEM or log aggregation system, Splunk preferred