Job Description:
Conduct intrusion assessments (red/blue/hunt team activities) to validate compliance and identify exposures with existing defensive cyber operations software, tools, and systems. Identify exploitable vulnerable points and provide remediation recommendations.
Collect and keep audit data in order to conduct a technical analysis relating to misuse, penetration, or other incidents.
Develop tailored countermeasures to address identified threats and prevent or mitigate potential cyber event impacts to DCSA.
This is a partial Telework position
Education and Experience:
Bachelor's Degree in Information Technology, Information Systems Management, or Cybersecurity and 7 years of managerial Computer Network Defense or Cyber Operations experience
Clearance Level:
Basic Requirements:
Knowledge of standard DISA Security Technical Information Guides, NIST SP 800-61, CJCSM 6510.01 B, United States Cyber Command guidelines, and other applicable DoD Cybersecurity and Computer Network Defense policies
Develop tailored countermeasures to address identified threats and prevent or mitigate potential cyber event impacts
Experience scoping and participating in red/blue testing in order to confirm/tune detection, alerting, and prevention systems
Demonstrated experience integrating multiple tools in a cyber defense architecture, getting maximum usage and efficiency from those tools, identifying gaps and recommending solutions to close/secure those gaps.
Experience developing and reporting metrics, preferably in a near-real time dashboard or common operating picture.
Develop, maintain, and provide a weekly brief that captures all of the cyber events including metrics and trends
Be able to maintain TS/SCI clearance and access to required commercial and/or DoD systems including NIPRNet, SIPRNet, and JWICS
Liaise with internal and external partners at all levels, government and private sector, in order to benefit the organization and provide for more uniform situational awareness and common defense
Lead SOC shift change briefings
Correlate warning intelligence and attack sensing and warning (AS&W) data to search for advanced, persistent, and coordinated threats across the enterprise
Analyze impact of cyber warning intelligence and AS&W
Led a team of 3 or more analysts in a cohesive and collaborative effort to proactively and reactively defend an enterprise network