Defensive Cyberspace Operations Analyst
Requirement ID
10623C
Grade Level
Level VIII
Group
Cyberspace Operations
Location
Scott AFB, IL
Clearance Level Needed
Top Secret
Duties and Responsibilities
Review audit data and network traffic data for irregularities or other indications of real or potential security violations
Correlate and analyze security data and events from alert and traffic flow systems
Identify potential advanced persistent and coordinated threats across multiple platforms
Perform tuning and optimization tasks, including sensor rule review and log aggregation/visibility
Perform reviews of implemented cybersecurity defense IDS/IPS rules, exceptions, and log availability and content
Perform reviews of aggregated log data to identify missing required sources, and ensure log data is formatted IAW logging standards
Develop or enhance existing intrusion detection analytics, dashboards, and signatures to keep pace with evolving cyber threats
Investigate all security related events and incidents involving assigned information systems
Report identified security incidents through approved reporting process
Review and share significant activity reports and Attack Sensing and Warning (AS&W) tippers
Perform incident response based on security events identified
Develop and deploy countermeasures in response to cybersecurity incidents IAW the Incident Response Plan
Analyze and identify root cause and lessons learned from security incidents; document formal after-action reports (AAR)
Provide recommendations related to tactical response actions, such as updating signatures and heuristics
Develop and maintain security analysis scripts and analytic displays
Certifications
One or more DoD 8570 approved baseline certifications for IAT Level II and CSSP Analyst. Link to approved certifications: https://bit.ly/3IbvOvK
Degrees
N/A
Years of Experience
3
Position Type
Full Time
Other Qualifications
Preferred knowledge and experience with the following:
NIST and DoD security policies.
Securing virtualization/cloud infrastructure concepts, technologies and services.
Microsoft Windows server and workstation, Unix, and Red Hat Enterprise Linux OS security configurations.
Basic forensic requirements and processes.
Shift
Negotiable