General Dynamics Information Technology Cyber Security Analyst in Leesburg, Virginia
Clearance Level Must Currently Possess:
Clearance Level Must Be Able to Obtain:
No Suitability Required
The Focused Operations analyst is an expert in hacker/hacktivist group capabilities and intentions, and nation-state sponsored CNE (computer network exploitation) and CNA (computer network attack) targeting the US Critical Infrastructure. This position supports a Civilian Agency Cyber Security Operations Center (SOC) organization protecting the network security of tens of thousands of users. The work site is located in Leesburg, Virginia.
This position requires the ability to identify potential threats based on agency utilized hardware and software.
The Focused Operations analyst shall be knowledgeable of current and evolving hacking tools and methodologies available to disrupt these systems.
The Focused Operations analyst responsibilities include:
Contribute to daily operational update meetings for SOC staff and unscheduled situational update briefings for FAA leaders as necessary.
Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
Reference applicable departmental and operating administration policies in work products.
Recommend sound remediation and recovery strategies, suggest defensive policy enhancements and information technology procedures.
Access, secure and inspect classified information processing areas.
Assist DOT and FAA law enforcement and counter intelligence offices with cyber investigations
Provide forensic and network analysis, primarily Encase Enterprise and RSA Security Analytics/Netwitness.
Threat detection and trend analysis.
Understand and convey of the lifecycle of the network threats, attack vectors, and network vulnerability exploitation
Maintain awareness of directives, orders, alerts, and messages.
Provide content for FAA, and DOT shared situational awareness mechanisms i.e., websites, blogs, and Wikipedia style mechanisms.
Maintain relationships with Intelligence Agencies, Law Enforcement (LE), and US Government organizations.
Maintain situational awareness of cyber activity in the Information Technology (IT) by reviewing open source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organization.
Developindicators of compromise and context for content creation, utilizing FireEye, ArcSight, and Splunk.
Search for anomalous activity and investigate to provide identification; produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk
Use customer, community, and open source reporting.
Shift is Monday-Friday, 10A-6P.
Focused Operations analysts should be a proven team player with excellent oral and written communications skills, and a fine attention to detail. Focused Operations analysts should also be self-starters, capable of working on projects independently, if required. Extremely effective oral and written communications skills are a must, in order to present strategy, scripting output and status information to the client in both formal and informal review settings. Frequent interaction with government client is required. Occasional local travel. Infrequent (<5%) local travel, infrequent (<5%) long distance travel.
Job Qualifications: Required Education and Experience:
- Bachelor's degree in Computer Science or Information systems.
- Minimum ten (10) years of relevant professional experience.
- In addition to required education or equivalent experience.
- Minimum four (4) years experience with cyber intelligence analysis experience.
Preferred Experience :
Experience with information security devices (e. g., firewalls, and intrusion detection/prevention systems) and applications (e.g. security information management tools such as Splunk, Netwitness, ArcSight).
Technical expertise in the capabilities and techniques of hacker/hacktivist groups, criminal syndicates, and advanced persistent threats conducting computer network exploitation and attacks against the U.S. government resources and critical infrastructure.
Familiar with signatures, tactics, techniques and procedures associated with preparation for and execution/implementation of such attacks especially Sourcefire/Snort/Firepower.
Experience with intelligence briefings.
Experience with threat analysis.
Experience with intelligence products.
Experience with early indications and warnings.
Experience with Open Source intelligence techniques.
Experience working in a network security incident response team, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
Level of Clearance Required: Department of Defense Secret
US Citizenship required
# of Openings:
Scheduled Weekly Hours:
T elecommuting Options:
Telecommuting Not Allowed
USA VA Leesburg - 991 Sycolin Rd (VAC048)
Additional Work Locations:
CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
THINK NEXT. NOW.
CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.
We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.
Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.
We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.