Cyber Defense Operator with Security Clearance

Found in: Dice One Red US C2 - 2 weeks ago


San Antonio, United States TEKsystems co Allegis Group Full time
**Must have an Active TS/SCI**
**Must have a GCFA certification and IAT Level 3 cert**
1. SOC Experience (Incident response, Network Monitoring, threat hunting)
2. SIEM (Splunk, DEVO, Arcsight)
Duties:
• Review all IDS/IPS alerts and checklists at the AOL, COOP, or Ops Floor. Conduct host security monitoring, alert review, and intrusion detection analysis for the AFIN‐SOC mission.
• Develop, Review and Maintain procedures related to the overall monitoring of Hosts/Systems.
• Comply with 3rd party MOU/MOA monitoring and reporting requirements. Analyze host DCO events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities. (CDRL A002)
• Monitor security sensors to analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify and correlate security issues/events and review logs to identify intrusions for remediation. Correlate suspicious events with network events, if possible, and data stored within databases and other external DoD resources, including but not limited to Big Data Platform (BDP).
• Analyze traffic/logs/events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities.
• Record who, what, where, why and when for any identified suspicious activity in a case management system (CMS) case to enable additional investigations. (CDRL A008)
• Conduct triage of suspicious activity alerts and logs in order to make a fast and accurate triage decision. (CDRL A008)
• Enter event data into mission support systems in accordance with AFIN SOC operational procedures and reports. (CDRL A008)
• Provide monthly performance metrics including but not limited to: readiness, qualifications, events processed, CAT events and incidents identified. (CDRL A005)
• Escalate security incidents using established policies and procedures.
• Generate end of mission reports (MISREPS) and provide pass‐on information for knowledge transfer to subsequent crews of analysts on duty regarding the latest suspicious traffic seen from a given port, Internet Protocol (IP), etc. with no more than a 5% error rate.
• Provide computer security‐related support to AF field units (examples: 688 Cyber Wing Squadrons, Base Communications Squadrons, Mission Defense Teams), as directed by CCC, in countering vulnerabilities, minimizing risk, and improving the security posture of AF computers, networks, and systems within the scope of AFIN SOC operational requirements and mission execution.
• Provide focused DCO tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises.
• Conduct 24x7x365 near real‐time network security monitoring and intrusion detection analysis for the networks and systems monitored using AF’s selected IDS/IPS capabilities with no more than a 1% error rate. (CDRL A005)
• Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated as needed through the approved documentation system, in order to ensure efficient transition when personnel rotate.
• Create and document metrics for reporting and analysis to improve alert triage processes and mission execution. (CDRL A009)
• Provide requested information to operational leadership as it relates to mission execution.
• Conduct intake of administrative and operational communication from external agencies and route the communication to the Mission Lead/Crew Commander.
• Perform security checks every four hours to verify external doors are properly closed and no suspicious activity is taking place around the facility. If suspicious activity is observed or suspected, contact and inform the Crew Commander.
• Initiate emergency checklists due to imminent threat, as directed by Crew Commander. Call emergency responders (Security Forces/Fire Department etc.) if needed via 911. The Crew Commander is responsible for all official reporting.
• Inform Crew Commander of all anomalies to include, but not limited to: utility outages, flooding, sick/missing members, or any other irregularity with the potential to adversely impact the mission.
• Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures. (CDRL A002)
• Provide feedback on detection mechanisms that are both true and false positive events to ESM and Content Development as applicable.
• Participate in planning, briefing, and debriefing tasks as directed by CDO Mission Lead or Crew Commander.
• Accomplish assigned weapon system access, ORM, Go/No Go, reports, TTP updates and TAR submissions.
• Execute approved scoping actions. Find endpoints matching target: accounts, registry configurations, files, processes, IP addresses, ports, domains, or other correlating data to determine extent of compromises.
• Execute approved response actions against target: accounts, registry configurations, files, processes, IP addresses, ports, domains, or other system components to contain compromises.
• Analyze threat intelligence (TIPPERS) as directed by CDO Mission Lead or Crew Commander to include contextual information, IoCs, TTPs, vulnerabilities, effects, and actionable intelligence about threats mapped to the MITRE threat framework.
• Work with CDO Mission Lead for prioritization and assignment of tasks.
• Provide CDO Mission Lead support, notify CDOs of Crew Commander prioritized tasks, tracking all required mission systems and functions.
Requirements:
• DoDD 8570.01‐M/8140.01 IAT Level I CND
• Active TS/SCI
• Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas: IP addressing and domain name service; network components; Transmission Control Protocol (TCP)/User Datagram Protocol (UDP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer Protocol (HTTP); and an understanding of the network Open Systems Interconnection (OSI) model. Extensive knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., Open Source projects).
  • Cyber Operations Planner with Security Clearance

    Found in: Dice One Red US C2 - 2 days ago


    San Antonio, United States Tyto Athene, LLC Full time

    Tyto Athene is seeking a Cyber Operations Planner for a newly awarded multi-year contract providing Cyberspace Support Services in support of the Air Force's 688th Cyberspace Wing (688 CW) located in San Antonio, TX. Cyber Operations Planner is responsible for planning, implementing and executing the AF cyber operations plans and strategy assigned to the 688...


  • San Antonio, United States CareerBuilder Full time

    Defensive Cyber Operations Subject Matter Expert. Lackland AFB, San Antonio, TX, USA. Req #5532. Friday, August 11, 2023. TekPro Support Services, LLC (TSS) is seeking a Defensive Cyber Operations Subject Matter Expert. Provide subject matter expertise (SME) on defensive cyber operations (DCO) for support to programming, acquisition, requirements, and weapon...

  • Cyber Security Specialist with Security Clearance

    Found in: Dice One Red US C2 - 1 week ago


    San Antonio, United States Silotech Group, Inc Full time

    Overview Silotech Group provides Advanced Cyber Solutions, Intelligence Solutions, Enterprise/Cloud IT Services and Products, and Managed IT/Security Services to Federal, State, and Commercial clients. We provide Federal Government and Commercial clients with customized, agile technical solutions focused on data, enterprise platforms, service engagement, and...

  • Cyber Warfare Instructor II

    Found in: Dice One Red US C2 - 2 weeks ago


    San Antonio, United States Tyto Athene, LLC Full time

    Tyto is looking for a Cyber Warfare Instructor to join our San Antonio, TX team. The instructor supports the Air Force's 39th Information Operations Squadron, Detachment 2 providing Cyberspace Operations instruction that will include heavy emphasis on Offensive Cyber Warfare (OCO). Roles and responsibilities include: * Plan, research, and analyze computer...

  • Senior Cyber Security Engineer with Security Clearance

    Found in: Dice One Red US C2 - 2 weeks ago


    San Antonio, United States Smart Synergies Full time

    Client is looking for someone with flexibility and desire to engage as part of a small, high-performance team. Monitor, evaluate, and maintain systems and procedures to protect the data systems and databases from unauthorized users. Identify potential threats and respond to reported security violations. Determine causes of security breaches and research,...

  • Senior Cybersecurity Systems Engineer with Security Clearance

    Found in: Dice One Red US C2 - 2 weeks ago


    San Antonio, United States X Technologies, Inc Full time

    Senior Cybersecurity Systems Engineer Location: San Antonio, TX USA Workplace: On-site Employment Type: Full Time, Exempt Summary of Position The Cybersecurity Systems Engineer to join our launch and Missile Defense - Cyber team supporting our Cyber Engineering Group located in San Antonio, TX. In this role, the Cybersecurity Systems Engineer (SE)...

  • *HYBRID* Network Vulnerability Analyst with Security Clearance

    Found in: Dice One Red US C2 - 6 days ago


    San Diego, California, United States Zachary Piper Solutions, LLC Full time

    Zachary Piper Solutions is seeking a Network Vulnerability Analyst for a position supporting a government contracting firm. The Network Vulnerability Analyst will be required to work on-site one day per week in Point Loma San Diego, CA. The analyst will identify, assess, and mitigate security vulnerabilities in network systems through scanning, testing, and...

  • Principal Cybersecurity Systems Engineer with Security Clearance

    Found in: Dice One Red US C2 - 2 weeks ago


    San Antonio, United States Osi Vision LLC Full time

    In this role, the Principal Cybersecurity Systems Engineer (SE) architects system security requirements and the security layout architecture to facilitate design, collaborating with engineers across disciplines throughout development. Additionally, the Principal Cyber SE determines the required security tools and functionality necessary to support...

  • Sr Cyber Engineer with Security Clearance

    Found in: Dice One Red US C2 - 2 weeks ago


    San Antonio, United States PingWind Inc. Full time

    Job Type: Full-time. Description: PingWind is hiring for a Senior Cyber Engineer located in San Antonio, Texas. Requirements: * Extensive knowledge of policies/directives/regulatory guidance in the Cybersecurity field. * Minimum of five (5) years RMF experience in a complex network and systems environment consisting of a large diverse population of users,...

  • Information System Security Officer

    Found in: Dice One Red US C2 - 4 days ago


    San Antonio, United States IC-CAP Full time

    Information System Security Officer (ISSO) 2: Position Description: The ISSO is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of...

  • Cryptologic Cyber Planner 3 with Security Clearance

    Found in: Dice One Red US C2 - 2 weeks ago


    San Antonio, United States RealmOne Full time

    We're searching for talented individuals who provide drafting, reviewing and editing of end-product reporting expertise for the Government. This program will maximize the effectiveness and efficiency of our country's most important missions both at home and abroad. If you are ready to support a high-performing team that truly makes a difference, then come...


  • Cyber Security Analyst

    Found in: Appcast US C2 - 1 week ago


    San Antonio, United States Apex Systems Full time

    Cyber Security Analyst. Location: San Antonio, Texas (onsite/hybrid). Contract: 1 year. *If interested and qualified, please reach out to the technical recruiter, Nicole, at nrosipal@apexsystems.com. The Cyber Security Analyst will help plan and carry out security measures to protect our client's information systems. Tasks include but are not limited to the...

  • Cyber Engineer Lead with Security Clearance

    Found in: Dice One Red US C2 - 2 weeks ago


    San Diego, United States SAIC Full time

    Description SAIC is the premier Joint All Domain Command and Control (JADC2) integrator with expertise in transforming legacy command and control systems into a modern hybrid cloud environment to accelerate decision making and increase mission success. This new program is part of a broader effort to provide a tactical operational picture aligned with the...