Soc-Cyber Analyst (Government)

At&T Melbourne , FL 32901

Posted 2 months ago

AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Intelligence Community. We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers' mission.

For the DIA Directorate of Science and Technology (DS&T), the Advanced Technology Integration Program (ATIP) provides IT managed services for Special Access Program (SAP) systems supporting activities to enable DIA's sensitive technical collection.

AT&T has an opening for a SOC-Cyber Analyst to support the ATIP systems in providing managed IT support of SAP-IT systems for high-priority defense intelligence collection needs and develop and field advanced technical collection capabilities and systems that leverage emerging methods, phenomenologies, and technologies.

Job Duties/Responsibilities:

  • Responsible for security event monitoring, management, and response utilizing SEIM toolsets

  • Develop and improve monitoring strategies and analyze threats, using state-of-the-art tools like HBSS, Splunk, ESM, NSM, Netflows, IDS, StealthWatch, and Forescout.

  • Perform a deep-dive incident analysis by correlating data from various sources and determine if a critical system or data set has been impacted, advise on remediation, and provide support for new analytic methods for detecting threats.

  • Conduct incident handling functions of containment, eradication and recovering, close out reports and lessons learned, escalate to a specialized analyst or SOC Manager for malware analysis, or adversity hunt mission.

  • Review alerts to determine relevancy and urgency and communicate alerts to agencies regarding intrusions to the network infrastructure, applications, and operating systems.

  • Create trouble tickets for alerts that signal an incident and require further Malware Analysis and Hunt Team Response.

  • Collaborate with other teams to assess risk and develop improvement strategies for security posture.

  • Monitor open source channels, including vendor sites, Computer Emergency Response Teams, SysAdmin, Audit, Network, Security (SANS) Institute, and Security Focus to maintain a current knowledge of Computer Network Defense (CND) threat condition and determine which security issues may have an impact on the enterprise.

  • Collect intrusion artifacts, including source code, malware, and Trojans and use discovered data to enable mitigation, write and publish CND guidance and reports, including engagement reports on incident findings to appropriate constituencies.

  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.

  • Stay up to date with current vulnerabilities, attacks, and countermeasures.

Required Clearance:

TS/SCI with Polygraph (#polygraph)

Required Qualifications:

  • A Bachelor's Degree from an accredited institute in an area applicable to this position and 4+ (four or more) years of relevant experience; or 2+ years of relevant experience and a Masters degree; or 8+ years of relevant experience and no degree.

  • Must be 8570 compliant (IAT Level 2) by date of security indoctrination with any necessary continuing education (CE) for certification. E.g. Security+ CE, CCNA Security, CySA+, GICSP, GSEC, SSCP, CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH .

  • This website describes what this means: https://resources.infosecinstitute.com/dod-8570-iat-certification-requirements/#gref

  • Strong experience in monitoring network traffic, Cyber Analyses, investigating computer and information security incidents and Incident Handling.

  • Skills commensurate with the duties and responsibilities.

  • Good communication and people skills.

Desired Qualifications:

  • Experience with Splunk, HBSS, ESM, NSM, Netflows, IDS, StealthWatch, Forescout or other Cyber Analyses, Cyber Network Monitoring/Analyses, Incident Handling, and SIEM systems preferred.

  • Cyber Analyses / Ethical Hacking / Incident Handling / Cyber Forensics related Certifications e.g. CEH, CCNA-Security, CHFI, GCFE, GCFA, GPYC, GPEN, GSEC, etc. preferred.

  • Cyber Forensics experience desired.

  • Cyber Policy Certifications e.g. CISSP or CASP desirable, not required.

  • MCSE or MCP desirable, not required.

AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws. AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V

Job ID 2016197 Date posted 04/29/2020


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Associate Cyber Information Assurance Analyst

Northrop Grumman

Posted 1 week ago

VIEW JOBS 5/22/2020 12:00:00 AM 2020-08-20T00:00 - Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. * Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. * Assist in the implementation of the required government policy (i.e., NISPOM, JSIG etc), make recommendations on process tailoring, participate in and document process activities. * Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. * Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pretest preparations, participation in the tests, analysis of the results and preparation of required reports. * Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M. * Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed. Basic Qualifications: * Master's degree with 0 years of experience; OR a Bachelor's degree with 0 years of experience; OR an Associate's degree with 2 years of experience; OR a High School Diploma/GED with 4 years of experience is required * Must have a DoD 8570 IAM level 1 security certification (example: Security CE); OR must be able to obtain and maintain one within 6 months of start date * Must be willing to work flexible/non-standard work hours as well as weekends * Candidates must have a current DOD Secret level security clearance with an original adjudication, or a period reinvestigation, completed within the last 6 years in order to be considered * Must be able to obtain, and maintain, access to Special Programs as a condition of continued employment Preferred Qualifications: * The ideal candidate will have a Master's degree in Cyber Security, a current Security CE, and 1 year of ISSO experience with RMF in a classified environment * Knowledge of ACAS, NESSUS, SPLUNK, SCAP, NIST 800-53rev4, system audits using an SIEM, vulnerability scanning, and DSS and/or JSIG system security package development are highly desirable * Current Top Secret clearance with SAP access is preferred Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions. Northrop Grumman Melbourne FL

Soc-Cyber Analyst (Government)

At&T