Cyber Security Operations Analyst, Lead

Cyber Security Operations Analyst, Lead

The Cyber Security Specialist will support the DTRA IT Cybersecurity department by providing 24/7 monitoring and response across its network environment. Collaborating with Cybersecurity Service Provider (CSSP) analysts and agency teams, the specialist will analyze threats, develop mitigations, and provide situational awareness to leadership. Responsibilities include ensuring compliance with DoD cybersecurity metrics, monitoring network defense services, conducting threat hunts using standard tools, and documenting findings through detailed technical reports. Strong research skills and the ability to work collaboratively are essential for success in this role.

RESPONSIBILITIES

• In support of the DTRA IT Cybersecurity (CS) department, the Cyber Security Specialist will provide the required resources and expertise to support 24x7x365 cybersecurity monitoring and response across DTRA’s distributed network operations environment.
• Working with the DTRA IT, Cybersecurity Service Provider (CSSP) analysts and engineers shall collaborate with various teams throughout the agency to process intelligence, determine threat, develop mitigations, monitor for attacks, and assess risk while providing cyber based Situational Awareness to agency leadership and stakeholders.
• The Cyber Security Specialist will monitor computer network defense services in a manner that effectively safeguards the confidentiality, integrity, and availability of DTRA-supported network environments and Information Technology infrastructure.
• The Cyber Security Specialist will provide the required resources and expertise to ensure compliance with DoD CSSP Evaluators Securing Metrics (ESM). In addition, the Cyber Security Specialist will provide support within the existing CSSP structure which includes four simultaneously running processes tooled to assist and defend the system subscriber.
• The Cybersecurity Analyst is responsible for network threat monitoring across a variety of tools.
• The analyst is expected to understand how to use standard threat hunting tools to craft targeted queries to detect and monitor intrusions into the network environment. Prior experience writing and submitting detailed technical reports is required in order to submit detailed reports of how the threat was identified, confirmed, contained, and any other follow-on actions.
• The analyst must also be proficient in conducting research on threats and adversaries across various open source and government database platforms. The ability to work effectively within a team is essential, as the analyst will be required to share and discuss information discovered during the research and monitoring process.

REQUIRED QUALIFICATIONS

• BS 5-7 Years, MS 3-5, PhD 0-2
• Experience with cyber security architecture principles that achieve cybersecurity framework goals.
• Must have Active DoD Top Secret clearance
• IAT Level II certification and CSSP Analyst certification (Security+ CE or better, CEH or better)
• Experience with open-source research

DESIRED QUALIFICATIONS

• SANS GCIH or similar certification
• Splunk Search App experience
• Tanium Interact Module experience
• Wireshark experience
• Open-source research experience

Location : Onsite Ft Belvoir, VA

Clearance requirement : Active Top Secret

Schedule: Tues-Sat Day Shift 0600-1400. May be requested to work evenings and weekends to meet program and contract needs.

Type of Environment: Office

Amount of travel: 10%

BOOST is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.