Today
Top Secret/SCI
Unspecified
Unspecified
IT - Security
Arlington, VA (On-Site/Office)
Strategic Analysis, Inc. is seeking an experienced Cyber Defense Specialist with prior USCYBERCOM experience to join our team. Experience with Security Operations Centers (SOC) and or Defensive Cyber Operations (DCO) teams is what we are looking for. The ideal candidate will leverage their deep understanding of military cyberspace operations to perform advanced threat analysis, lead incident response efforts, and proactively hunt for threats. This role requires a high degree of technical expertise, analytical skills, and the ability to work collaboratively in a fast-paced, high-stakes environment.
Responsibilities:
• Incident response and analysis: Lead in-depth investigations into security incidents, correlating data from multiple sources to understand the scope and impact of attacks.
• Threat hunting: Proactively search for and identify undiscovered threats within the network by using threat intelligence and advanced analytics in Splunk.
• DCO tactics and procedures: Apply hands-on experience with military DCO tactics, techniques, and procedures (TTPs) to protect and defend critical network infrastructure.
• Splunk administration and analysis: Use Splunk for data ingestion, real-time searching, and visualization to gain insights from logs and events. Build dashboards, reports, and alerts to support security monitoring and incident response.
• Endpoint security: Leverage and integrate modern Endpoint Detection and Response (EDR) tools to monitor, detect, and respond to threats on individual host systems. Manage endpoint security policies and analyze alerts from endpoint agents.
• Threat intelligence: Analyze and integrate threat intelligence feeds, including those from DoD sources and platforms, to stay current on adversary TTPs and emerging cyber threats.
• Reporting and documentation: Document incident timelines, analysis findings, and remediation actions for senior leadership and stakeholders. Develop briefings for both technical and non-technical audiences.
• Operational planning support: Provide subject matter expertise to influence and support defensive cyber strategies and operational planning efforts.
• Mentorship and guidance: Act as a mentor for junior analysts, helping to refine their investigative and analytical skills.
Requirements:
• Education: Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field. Relevant experience may be substituted for a degree.
Experience:
• 5+ years of hands-on experience in a Security Operations Center (SOC) or a DCO role.
• Proven experience working with military cyber operations, specifically within USCYBERCOM or a service-component cyber command.
• Demonstrated experience with incident response, malware analysis, and digital forensics.
Technical skills:
• Extensive knowledge of network protocols (TCP/IP), operating systems (Windows, Linux), and cloud security principles.
• Proficiency with Splunk for security analysis, alert creation, and dashboard generation.
• Hands-on experience with endpoint security tools. Experience with modern end point detection and response (EDR) solutions is highly desirable.
• Proficiency with other security tools, such as IDS/IPS, and packet analysis tools (e.g., Wireshark).
• Working knowledge of scripting languages like Python or PowerShell for automation and data analysis.
Soft skills:
• Strong critical thinking and problem-solving abilities.
• Excellent communication and report-writing skills, with the ability to articulate complex security issues clearly.
• The ability to work both independently and collaboratively in a team environment.
Desired qualifications
• Certifications: Professional certifications such as GMON, GCIH, GSOC, GSE and other GIAC certifications are highly desirable. Strategic Analysis, Inc. is an Equal Opportunity employer and is committed to non-discrimination in employment. All qualified applicants will receive consideration for employment without regard to race, color, religions, sex (including pregnancy, sexual orientation, or gender identity), national origin, disability (physical or mental), age (40 or older), protected veteran status, genetic information (including family medical history) or any other characteristic protected by law. This policy includes but is not limited to the following employment actions: recruitment, hiring, firing, promotion, demotion, compensation, fringe benefits, training, mentoring and sponsorship programs.
Responsibilities:
• Incident response and analysis: Lead in-depth investigations into security incidents, correlating data from multiple sources to understand the scope and impact of attacks.
• Threat hunting: Proactively search for and identify undiscovered threats within the network by using threat intelligence and advanced analytics in Splunk.
• DCO tactics and procedures: Apply hands-on experience with military DCO tactics, techniques, and procedures (TTPs) to protect and defend critical network infrastructure.
• Splunk administration and analysis: Use Splunk for data ingestion, real-time searching, and visualization to gain insights from logs and events. Build dashboards, reports, and alerts to support security monitoring and incident response.
• Endpoint security: Leverage and integrate modern Endpoint Detection and Response (EDR) tools to monitor, detect, and respond to threats on individual host systems. Manage endpoint security policies and analyze alerts from endpoint agents.
• Threat intelligence: Analyze and integrate threat intelligence feeds, including those from DoD sources and platforms, to stay current on adversary TTPs and emerging cyber threats.
• Reporting and documentation: Document incident timelines, analysis findings, and remediation actions for senior leadership and stakeholders. Develop briefings for both technical and non-technical audiences.
• Operational planning support: Provide subject matter expertise to influence and support defensive cyber strategies and operational planning efforts.
• Mentorship and guidance: Act as a mentor for junior analysts, helping to refine their investigative and analytical skills.
Requirements:
• Education: Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field. Relevant experience may be substituted for a degree.
Experience:
• 5+ years of hands-on experience in a Security Operations Center (SOC) or a DCO role.
• Proven experience working with military cyber operations, specifically within USCYBERCOM or a service-component cyber command.
• Demonstrated experience with incident response, malware analysis, and digital forensics.
Technical skills:
• Extensive knowledge of network protocols (TCP/IP), operating systems (Windows, Linux), and cloud security principles.
• Proficiency with Splunk for security analysis, alert creation, and dashboard generation.
• Hands-on experience with endpoint security tools. Experience with modern end point detection and response (EDR) solutions is highly desirable.
• Proficiency with other security tools, such as IDS/IPS, and packet analysis tools (e.g., Wireshark).
• Working knowledge of scripting languages like Python or PowerShell for automation and data analysis.
Soft skills:
• Strong critical thinking and problem-solving abilities.
• Excellent communication and report-writing skills, with the ability to articulate complex security issues clearly.
• The ability to work both independently and collaboratively in a team environment.
Desired qualifications
• Certifications: Professional certifications such as GMON, GCIH, GSOC, GSE and other GIAC certifications are highly desirable. Strategic Analysis, Inc. is an Equal Opportunity employer and is committed to non-discrimination in employment. All qualified applicants will receive consideration for employment without regard to race, color, religions, sex (including pregnancy, sexual orientation, or gender identity), national origin, disability (physical or mental), age (40 or older), protected veteran status, genetic information (including family medical history) or any other characteristic protected by law. This policy includes but is not limited to the following employment actions: recruitment, hiring, firing, promotion, demotion, compensation, fringe benefits, training, mentoring and sponsorship programs.
group id: 10114253
