Would you like to work with a highly technical team, supporting the front line of security protecting the federal and civilian government in the pursuit of national cybersecurity?
phia is seeking a highly skilled JOB TITLE to work for the Network Security Deployment (NSD) division, which supports the DHS National Cybersecurity Protection System (NCPS) infrastructure, development and operations through its entire lifecycle. NSD supports critical missions such as the NCCIC in its ability to be the Nation's lead cyber center for information exchange, incident response, and other key roles. Come join our teams working in a fast-paced environment that will challenge your technical skills.
- Perform cyber-threat hunting with vendors to identify potential cyber-threat activity within their networks/systems
- Perform hands-on investigations that require critical thinking and a broad understanding of multiple technologies
- Support development of presentations and reports to document findings
- Assist in the development and execution of cyber threat-hunting standard operating procedures (SOPs)
- Serve as a data analysis expert for output from a wide variety of cyber assessment tools and data analytics
- Assist in analysis tool development, configuration, implementation and use
- Analyze cyber-threat intelligence (e.g., actors, tools, exploits, malware) and determine TTPs used by threat actors
- Analyze security events and data feeds from monitoring solutions for event detection and correlation, conduct triage, and classify the output using automated systems for further investigation
- Assist in the discovery of cyber vulnerabilities and the investigation of global cyber security incidents, as required
- Develop cyber protection improvement recommendations that support the remediation and protection of systems
- Analyze and report on cyber-threats based on assessment and all-source intelligence
- Translate analytical findings into security use cases that can be implemented within available surveillance capabilities
- Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences
- Eight (8) or more years of systems development experience required.
[A Master's degree in a related discipline may substitute for two (2) years of experience. A PhD may substitute for four (4) years of experience.]
- Bachelor's degree in a related discipline is required.
[Ten (10) years of experience (for a total of eighteen (18) or more years) may be substituted for a degree.]
- Practical knowledge of a high-level scripting/programming language (e.g., Python, Perl, PowerShell) to extract, de-obfuscate, or otherwise manipulate malware-related data
- Proficient with forensic analysis tools and techniques to identify malware technical indicators of compromise and perform triage
- Possess excellent oral and written communication skills and critical thinking abilities
- Capable of working independently and within teams to solve complex problems
- Able to work across multiple organizations, cultures and service providers to pull together actionable information and management information
- Practical knowledge of Splunk policies, filters and rules to improve event analysis and data correlation
- Experience with penetration testing, incident response, malware analysis, reverse engineering, or other similar work experience
- Knowledge of Windows and Unix/Linux Operating Systems
- Ability to perform analysis of network traffic and protocols
- DoD 8570.1-M Compliance at IAT Level I certification required.
- Active Top Secret/Sensitive Compartmented Information (TS/SCI) security clearance required.
- U.S. Citizenship required.
- One or more current certifications equivalent to Offensive Security Certified Professional (OSCP), SANS GIAC Penetration Tester (GPEN), SANS GIAC Certified Incident Handler (GCIH), SANS GIAC Web Application Penetration Tester (GWAPT), SANS GIAC Certified Intrusion Analyst (GCIA).
- Background or experience in digital forensics is a plus
WORK SCHEDULE: TBD
WORK LOCATION: Pensacola, FL
TRAVEL: Less than 5%
TELEWORK ELIGIBILITY: Ad hoc
SECURITY REQUIREMENTS: Active Top Secret with eligibility for SCI or DHS EOD
phia LLC ("phia") is a Northern Virginia-based, 8(a)-certified small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions such as Program and Process Management, Engineering, Development, and Systems Administration that allow Cyber Operations to efficiently integrate our customers' missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.
phia offers excellent benefits to enhance work-life balance, including the following:
- Short Term & Long Term Disability
- 401k Retirement Savings Plan with Company Match
- Paid Time Off (PTO)
- Tuition and Professional Development Assistance