The Cybersecurity Analyst is a member of the Defensive Cyber Operations team (on the DISA GSM-O program). This team supports network assurance activities within DISA.
Candidate will perform the following duties:
Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks
Supports cyber security initiatives through both predictive and reactive analysis
Articulates emerging trends to leadership and staff
Coordinates resources during incident response efforts, driving incidents to timely and complete resolution
Performs network traffic analysis using raw packet data, net flow, IDS data, and custom sensor output
Reviews threat data and develops custom signatures
Correlates actionable security events and develops unique correlation techniques
Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in Zero-Day detection
Uses attack signatures and TTPs associated with Advanced Persistent Threats to identify new threats and attacks
Conducts basic malware analysis of attacker tools, identifying indicators of compromise, and reverse engineer attacker encoding protocols
Interfaces with external entities, including law enforcement and intelligence community organizations
Provides analysis of incidents for customers by: o determining the incident’s nature and formulating responses o identifying and providing the ability to surge during emergencies o correlating event and incident data o determining possible effects on the DODIN, customer networks, and other organizations
Ability to work independently and within a team as required
Performs infrastructure monitoring, performance assessment, new requirement analysis and support
Additional Duties
Prepare and disseminate CND reports, trends, responses, mitigations, analysis, and information
Provide support to leadership for CND applicable activities within Protect, Detect, Respond, and Sustain
Support a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs)
Support the development, documentation, and tracking of metrics relevant to the ALPs
Interface with government counterparts and leadership
Required Experience, Education, and Certifications:
Master’s degree from an accredited college in a related discipline, with three (3) years of professional experience; or Bachelor’s degree from an accredited college in a related discipline, with five (5) years of professional experience; or ten (10) years professional experience in Information Security, with at least four (4) years specializing in security, vulnerability mitigation techniques, and exploitation methods within enterprise networks
DoD 8570 Compliant for IAT Level II: Possess a CASP, CCNA-Security, CISSP, CSA , GICSP, GSEC, Security CE, or SSCP certification
DoD 8570 Compliant for CSSP Analyst within 180 days of employment: Possess a CEH, CFR, CSA , GCIA, GCIH, GISCP, or SCYBER certification
In-depth understanding of TCP/IP protocols, ports, and services
Strong communication skills, both written and verbal
Desired Experience, Education, and Certifications:
CND experience
Department of Defense experience
NIX familiarity
Command Line Scripting skills (PERL, Python, PowerShell scripting) to automate analysis task
Knowledge of hacker TTPs
Be able to conduct basic malware analysis
Demonstrated hands on experience with various static and dynamic malware analysis tools
Knowledge of advanced threat actor TTPs
Understanding of software exploits
Ability to analyze packed and obfuscated code
Comprehensive understanding of common Windows APIs and ability to analyze shellcode
Required Clearance: Active TS/SCI
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V
At AT&T, we’re bringing it all together. We deliver advanced mobile services, next-generation TV, high-speed Internet and smart solutions for people and businesses. That’s why we stand alone as a fully integrated solution provider.... more