Cyber Security Analyst - Hill AFB

C3EL has a great opportunity for a Cyber Security Analyst at Hill AFB, UT supporting the GSM-O II contract.

Job Responsibilities:

• Cyber Threat Analysis on the DoD network
• Network Traffic Analysis using packet capture programs
• Conduct routine security audits for compliance
• Respond to alerts and identify malicious threats on the DoD network
• Upgrade network sensors and Security Information and Event Management systems as new threats are discovered
• Manage IDS and IPS devices
• Manage firewalls
• Report findings to USCYBERCOM for review

Minimum Qualifications:

• Top Secret clearance - active, in-scope
• 2+ years of Cyber Security or Information Assurance related experience.
• Due to the nature of the work and contract requirements, US Citizenship is required.
• Current DoD 8570 IAT Level II certification (Security+, CCNA-Security, CySA+, etc.)
• Knowledgeable of the life cycle of network threats, attacks, attack vectors.
• Understanding of methods of exploitation and of intrusion set tactics, techniques and procedures (TTPs).
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
• Hands-on experience analyzing high volumes logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations.
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
• Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture software, Host-Based Forensics, or Network Forensics.
• Experience with malware analysis concepts and methods.
• Unix/Linux command line experience.
• Scripting and programming experience.
• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
• Willingness to perform shift work.

Desired Qualifications:

• Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP, CASP and/or SIEM-specific training and certification.  (CISSP or equivalent).
• Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.

Education:

• Bachelor's degree, however additional experience, education, and training may be considered in lieu of a degree