Cyber Network Defense Analyst with Security Clearance

Job Description:
Our Stennis MS based client is seeking a Junior Cyber Network Defense Analyst to join our team on a highly visible cyber security single-award IDIQ vehicle that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff. The Monitoring and Analysis team provide 24x7 support across 4 different shifts. We have Front half shifts (day and night) and back half shifts (day and night). The front half shift will work 12 hour shifts from Sunday - Tuesday and alternating Wednesdays. The back half shift will work 12 hour shifts from Thursday - Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours, if necessary. Primary Responsibilities

• Utilize a SIEM for enterprise monitoring and detection

• Create Security Event Notifications to document investigation findings

• Perform critical thinking and analysis to investigate cyber security alerts

• Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc)

• Collaborate with team members to analyze an alert or a threat

• Stay up to date with latest threats

• Monitor shared email box for notifications and requests

• Utilize OSINT to aid in their investigation

• Contribute to content tuning requests Basic Qualifications
All Junior Cyber Network Defense Analyst candidates shall have a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field AND a minimum of 2+ years professional experience in the areas listed below:

• Network Administration

• Unix/Linux Administration

• Software engineering

• Software development

• Systems administration

• Help desk/IT support
The ideal candidate is a self-motivated individual in pursuit of a career in cyber security.
Candidates should also demonstrate the following:

• Familiarity with a SOC's purpose and role within an organization

• General understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)

• Familiarity with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc).

• Familiarity with packet analysis tools such as Wireshark

• Able to perform critical thinking and analysis to investigate cyber security alerts

• Familiarity with common malware and attack vectors

• Familiarity with Windows operating systems and standard OS logging

• Familiarity with Antivirus, DLP, and host based firewalls Must have at least one of the following certifications:

• Comptia: Security+, Network+, CASP

• SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, GISF, or GCIH

• EC Council: CEH, CHFI, LPT, ECSA

• ISC2: CCFP, CCSP, CISSP CERT CSIH

• Offensive Security: OSCP, OSCE, OSWP and OSEE Must have current TS/SCI. In addition to specific security clearance requirements, all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program. Preferred Qualifications

• Familiar with SOC methodologies and processes

• Familiarity with scripting languages (e.g. Python, Powershell, Javascript, VBS etc) Potential for Telework: No
Clearance Level Required: Top Secret/SCI
Travel: No
Scheduled Weekly Hours: 40
Shift: 12 Hour Shift Pattern
Requisition Category: Professional
Job Family: Cyber Operations