Cyber Incident Analyst with Security Clearance
3 weeks ago
As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Responsibilities
Responsibilities include, but are not limited to:
• Monitor and act on SIEM platforms for alerts, events, and rules providing insight into malicious activities and/or security posture violations
• Review intrusion detection system alerts for anomalies that may pose a threat to the customer's network
• Identify and investigate vulnerabilities, assess exploit potential, and suggest analytics for automation in the SIEM engines
• Report events through the incident handling process of creating incident tickets for deeper analysis and triage activities
• Classify incident reports IAW Army and DoD regulations after identifying root cause and issuing remediation actions to system owners
• Perform post intrusion analysis to determine shortfalls in the incident detection methods
• Develop unique queries and rules in the SIEM platforms to further detection for first line cyber defenders
• Determine IDS/IPS rule false positives to recommend tuning of rules to reduce noise and increase fidelity
• Respond to the higher headquarters on incidents and daily reports
• Provide daily updates to Defensive Cyber Operations staff on intrusion detection operation and trends of events causing incidents
• Prepare charts and diagrams to assist in metrics analysis and problem evaluation, and submit recommendations for data mining and analytical solutions
• Write reports of remotely exploitable vulnerabilities to increase customer situational awareness and improve the customer's cyber security posture
• Assist all sections of the Defensive Cyber Operations team as required in performing Analysis and other duties as assigned
• Travel to customer sites to perform network security evaluations
• May perform documentation and vetting of identified vulnerabilities for operational use
Qualifications
Basic Qualifications:
• Active Top-Secret/SCI
• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• GIAC Certified Incident Handler
• Possess DoD 8570.01-M Information Assurance Technician (IAT) Level II Baseline Certification
• Must possess an active, OR have the ability to obtain within 90 days of hire date, an ITIL Foundations Certification
• Must have a full, complete, and in-depth understanding of all aspects of Defensive Cyber Operations
• Must have a good breadth of knowledge of common ports and protocols of system and network services
• Experience in packet captures and analyzing a network packet
• Experience with intrusion detection systems such as Snort, Suricata, and Zeek
• Experience with SIEM systems such as Splunk, ArcSight, or Elastic
Desired Qualifications:
• DoD 8570 IAT III (CISSP, CASP, CISA, GCED, GCIH)
• Experience with writing Snort or Suricata IDS rules
• Experience in developing complex dashboards, reports, and automated searches in Splunk, ArcSight, or Elastic/Kibana
• Experience with analyzing packets using Arkime
• Experience with Microsoft Windows event IDs
• Experience with Linux audit log analysis
• Familiarity with Git and VS Code
• Experience with one or more scripting languages such as PowerShell, Bash, Python
Target Salary Range
$146,000 - $234,000
This represents the typical salary range for this position based on experience and other factors.
EEO
An Equal Opportunity Employer including Disability/Veteran.
Benefits
At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We're fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.
• Paid Time-Off and Holidays
• Retirement
• Life & Disability Insurance
• Career Development
• Tuition Assistance and Student Loan Financing
• Paid Parental Leave
• Additional Benefits
• Medical, Dental, & Vision Care