Mid-Level Watch Floor Cyber Security Analyst

ECS

Today
Secret
Unspecified
CI Polygraph
IT - Security
Redstone Arsenal, AL (On-Site/Office)

Job Description
ECS is seeking a Mid-Level Watch Floor Cyber Security Analyst to work in our Huntsville, AL office. Please Note: This position is contingent upon contract award.

We are seeking a highly skilled and experienced Mid-Level Watch Floor Cyber Security Analyst to join our 24X7 Enterprise Security Operations Center (ESOC) team at the Federal Bureau of Investigation (FBI). As a key member of our SOC, you will be responsible for monitoring and analyzing network security events, identifying potential threats, and providing incident response support to ensure the security and integrity of FBI systems and data.

Key Responsibilities:
  • Monitor and Analyze Security Events:
    • Use security information and event management (SIEM) systems, threat intelligence platforms, and other tools to monitor and analyze network security events, logs, and other data sources.
    • Identify potential security threats, vulnerabilities, and incidents, and escalate to senior analysts or management as necessary.
  • Incident Response:
    • Participate in incident response activities, including containment, eradication, recovery, and post-incident activities.
    • Collaborate with other teams, such as IT and cybersecurity, to resolve security incidents and ensure business continuity.
  • Threat Intelligence:
    • Stay up to date on emerging threats, vulnerabilities, and attack techniques.
    • Contribute to the development and maintenance of threat intelligence reports and briefings.
  • Security Orchestration, Automation, and Response (SOAR):
    • Implement and manage SOAR tools to automate security incident response and improve efficiency.
    • Develop and maintain playbooks, runbooks, and other documentation to support SOAR processes.
  • Collaboration and Communication:
    • Work closely with other SOC analysts, cybersecurity teams, and stakeholders to share knowledge, best practices, and incident response strategies.
    • Communicate complex security information to non-technical stakeholders, including management and law enforcement officials.
  • Process Improvement:
    • Participate in continuous process improvement efforts to enhance SOC operations, incident response, and threat intelligence capabilities.
    • Collaborate with other teams to develop and implement new processes, tools, and technologies.
  • Compliance and Reporting:
    • Ensure compliance with FBI security policies, procedures, and regulatory requirements.
    • Prepare and maintain incident response reports, threat intelligence briefings, and other security-related documentation.

  • This role is 100% onsite
Required Skills
    • Must have a current Top-Secret Clearance with the capability of obtaining SCI / CI-Poly if needed to meet contract requirements
    • Education:
      • Bachelor's degree in Computer Science, Cybersecurity, Information Assurance, or a related field.
      • Advanced degree (Master's or higher) in a relevant field preferred.
    • Experience:
      • 4+ years of experience in cybersecurity, incident response, or a related field.
      • At least 2 years of experience in a SOC or similar security operations environment.
    • Certifications:
      • CompTIA Security+ or CEH certification preferred.
      • Familiarity with threat intelligence frameworks, such as MITRE ATT&CK, and industry-recognized standards, such as NIST Cybersecurity Framework.
    • Skills:
      • Strong understanding of network protocols, operating systems, and security technologies.
      • Experience with security information and event management (SIEM) systems, threat intelligence platforms, and SOAR tools.
      • Excellent analytical, problem-solving, and communication skills.
      • Ability to work in a fast-paced, dynamic environment with multiple priorities and deadlines.
    • Security Operations Center (SOC) experience
Desired Skills
  • Experience with FBI systems and technologies:
    • Familiarity with FBI network architecture, security policies, and procedures.
    • Experience with FBI-specific security tools and platforms.
  • Advanced threat intelligence skills:
    • Experience with threat intelligence frameworks, such as MITRE ATT&CK.
    • Familiarity with threat intelligence platforms, such as ThreatConnect or Palantir.
  • SOAR implementation and management:
    • Experience with SOAR tools, such as Phantom or Demisto.
    • Familiarity with playbooks, runbooks, and other documentation related to SOAR processes.
  • Incident response and remediation:
    • Experience with incident response frameworks, such as NIST IR or SANS IR.
    • Familiarity with incident response tools, such as Splunk or ELK.

  • Desired Certifications:
    • GIAC Continuous Monitoring Certification (GMON)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Certified Forensic Analyst (GCFA)
    • GIAC Certified Intrusion Analyst (GCIA)
    • GIAC Network Forensic Analyst (GNFA)
    • GIAC Cloud Threat Detection (GCTD)
    • GIAC Cloud Forensics Responder (GCFR)


    This position offers a unique opportunity to work in a high-security environment, directly supporting national defense and law enforcement initiatives. If you are passionate about securing mission-critical systems and thrive in a fast-paced, high-stakes environment, we encourage you to apply.

    ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

    ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
    group id: 10112231A
    About Us
    ECS, a key segment of ASGN Incorporated, is a trusted IT systems integrator serving government agencies. ECS provides modern digital solutions that enable fast and efficient decision making and support the effective execution of government agency operations. ECS’ leading-edge AI, cybersecurity, and open data management solutions boost collaboration, innovation, and worker productivity, improve employee and customer experiences, and protect critical agency data and assets.

    Job Category: IT - Security
    Clearance Level: Secret
    Employer: ECS