Cyber Countermeasures Engineer with Security Clearance

Company Overview By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide. Position Overview By Light is seeking a Cyber Countermeasures Engineer who's primary duty location is DISA Global Field Command (DGFC),Hill AFB, Utah. Responsibilities Provide mission support, as necessary for at new cyber capability at Scott AFB, IL.
Serve as the cyber countermeasure Subject Matter Expert for a new cyber capability.
Work directly with commercial vendor cyber fusion/threat analyst teams to develop effective countermeasures addressing a wide range of priority and/or emerging cyber threats.
Ensure countermeasures are effective in supporting desired mission outcomes.
Provide critical integration for commercial vendors teams
Analyze signatures (ex. YARA, Snort) in Cyber Threat Intelligence or DoD orders and assess new capability coverage for these threats Required Experience/Qualifications 2+ years of experience in cyber analyst role
Experience conducting malware analysis
Experience developing behavioral threat signatures, such as YARA rules
Experience with cyber operations and cyber operation planning processes
Understands malicious cyber actor TTPs to include initial access and command-and-control
Understands how to use cyber security tools and data to conduct defensive cyber operations
Understands cyber threats and cyber threat frameworks such as Cyber Kill Chain and MITRE ATT&CK framework
Understands Cyber Threat Intelligence (CTI) and how to integrate CTI into defensive cyber operations Preferred Experience/Qualifications Hands on SIEM experience, preferably with Splunk, to include configuration, query development, log review/analysis, and correlation of event data
5+ years of experience in cyber analyst role, preferably supporting DGFC or JFHQ
Experience with regex and signature development
Experience with coding/scripting
Cybersecurity certifications such as CISSP and/or GIAC certifications
Splunk certifications Special Requirements/Security Clearance Active TS and TS/SCI clearances are required.