Cyber Fusion & Threat Analyst - Tampa Florida
Company: Leidos Location: Tampa, Florida
Posted On: 05/05/2024
Description

Job Description: The DISA GSM-O II Task Number 09 (TN09) at DISA Central Field Command has an opening for a Cyber Fusion and Threats Analyst located at MacDill AFB, Tampa, FL.

Position Summary: GSM-O II provides network operations and cyber defense support to the Defense Information Systems Agency (DISA) in support of the DOD and COCOMs.

- In this role, you will provide support with cyber threat intelligence analysis, incident handling, triage of events, threat detection, trend analysis, metric development and vulnerability information dissemination, and conduct network traffic analysis using raw packet data, netflow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks.

Primary Responsibilities:
- Synthesize, summarize, consolidate and share potentially malicious activities on the DoDIN with DISA and mission partner organizations by creating incident reports, wiki updates, collaboration/chat tippers and notifications, DoD incident handling database queries, metrics, and trend reports.
- Leverage an array of network monitoring and detection capabilities (including netflow, custom application protocol logging, signature-based IDS, and full packet capture (PCAP) data) to identify cyber adversary activity.
- Identify threats to the enterprise and provide mitigation strategies to improve security and reduce the attack surface.
- Perform analysis by leveraging serialized threat reporting, intelligence product sharing, OSINT, and open source vulnerability information to ensure prioritized plans are developed.
- Analyze and document malicious cyber actors' TTPs, providing recommendations and alignment to vulnerabilities and applicability to the enterprise operational environment.
- Discover adversary campaigns, anomalies and inconsistencies in sensor and system logs, SIEMs, and other data.
- Identify, investigate and rule out system compromises, with the capacity to provide written analytic summaries and attack life cycle visualizations.
- Provide risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities.
- Offer recommendations to adjust enterprise or tactical countermeasures for threats impacting the DODIN.
- Collect analysis metrics and trending data, identify key trends, and provide situational awareness on these trends.

Required Qualifications:
- Active DoD TS/SCI Clearance
- Bachelor's Degree in a related discipline and 4+ years of related experience. Additional experience may be accepted in lieu of a degree.
- Security+ Certification (or other equivalent DoD 8570 Level II certification)
- In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques, and cyber threat/adversary methodologies.
- Proficiency with datasets, tools and protocols that support analysis (e.g. passive DNS, VirusTotal, Recorded Future, TCP/IP, OSI, WHOIS, enumeration, threat indicators, malware analysis results, Wireshark, Splunk, ArcSight, etc.).
- Experience with various open-source and commercial vendor portals, services and platforms that provide insight into how to identify and/or combat threats or vulnerabilities to the enterprise.
- Proficiency working with various types of network data (e.g. netflow, PCAP, custom application logs)

Preferred Qualifications: