Cyber Defense Operator with Security Clearance

Found in: Careerbuilder One Red US C2 - 2 weeks ago


San Antonio, TX, United States TEKsystems co Allegis Group Full time
Duties:
Must have a GCFA certification or be able to obtain within 120 days
Must have active TS/SCI
This position is supporting a 24/7 Air Force SOC
This role will require shift work
Shifts run roughly from 7am-3pm, 3pm-11pm, 11pm-7am
Review all IDS/IPS alerts per AFCERT Operating Instruction (OI) and checklists at the AOL, COOP, or Ops Floor
Conduct host security monitoring, alert review, and intrusion detection analysis for the AFIN‐SOC mission
Develop, Review and Maintain procedures related to the overall monitoring of Hosts/Systems
Comply with 3rd party MOU/MOA monitoring and reporting requirements
Analyze host DCO events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities
(CDRL A002) Monitor security sensors to analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify and correlate security issues/events and review logs to identify intrusions for remediation
Correlate suspicious events with network events, if possible, and data stored within databases and other external DoD resources, including but not limited to Big Data Platform (BDP)
Analyze traffic/logs/events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities
Record who, what, where, why and when for any identified suspicious activity in case management system (CMS) case to enable additional investigations
(CDRL A008) Conduct triage of suspicious activity alerts and logs in order to make a fast and accurate triage decision
(CDRL A008) Enter event data into mission support systems in accordance with AFIN SOC operational procedures and reports
(CDRL A008) Provide monthly performance metrics including but not limited to: readiness, qualifications, events processed, CAT events and incidents identified
(CDRL A005) Escalate security incidents using established policies and procedures
Generate end of mission reports (MISREPS) and provide pass‐on information for knowledge transfer to subsequent crews of analysts on duty regarding the latest suspicious traffic seen from a given port, Internet Protocol (IP), etc. with no more than a 5% error rate
Provide computer security‐related support to AF field units, as directed by CCC, in countering vulnerabilities, minimizing risk, and improving the security posture of AF computers networks and systems within the scope of AFIN SOC operational requirements and mission execution
Provide focused DCO tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises
Conduct 24x7x365 near real‐time network security monitoring and intrusion detection analysis for the networks, systems monitored using AF’s selected IDS/IPS capabilities with no more than a 1% error rate
(CDRL A005) Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated as needed through the approved documentation system, in order to ensure efficient transition when personnel rotate
Create and document metrics for reporting and analysis to improve alert triage processes and mission execution
(CDRL A009) Provide requested information to operational leadership as it relates to mission execution
Conduct intake of administrative and operational communication from external agencies and route the communication to the Mission Lead/Crew Commander
Perform security checks every four hours to verify external doors are properly closed and no suspicious activity is taking place around the facility
If suspicious activity is observed or suspected, contact and inform the Crew Commander
Initiate emergency checklists due to imminent threat, as directed by Crew Commander
Call emergency responders (Security Forces/Fire Department etc.) if needed via 911
The Crew Commander is responsible for all official reporting
Inform Crew Commander for all anomalies to include, but not limited to: utility outages, flooding, sick/missing members, or any other irregularity with the potential to adversely impact the mission
Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures
(CDRL A002) Provide feedback on detection mechanisms that are both true and false positive events to ESM and Content Development as applicable
Participate in planning, briefing, and debriefing tasks as directed by CDO Mission Lead or Crew Commander
Accomplish assigned weapon system access, ORM, Go/No Go, reports, TTP updates and TAR submissions
Execute approved scoping actions
Find endpoints matching target: accounts, registry configurations, files, processes, IP addresses, ports, domains, or other correlating data to determine extent of compromises
Execute approved response actions against target: accounts, registry configurations, files, processes, IP addresses, ports, domains, or other system components to contain compromises
Analyze threat intelligence (TIPPERS) as directed by CDO Mission Lead or Crew Commander to include contextual information, IoCs, TTPs, vulnerabilities, effects, and actionable intelligence about threats mapped to the MITRE threat framework
Work with CDO Mission Lead for prioritization and assignment of tasks
Provide CDO Mission Lead support, notify CDOs of Crew Commander prioritized tasks, tracking all required mission systems and functions.
  • Cyber Security Engineer with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Fairfax, VA, United States Cornerstone Defense Full time

    Title: Cyber Security Analyst. Location: McLean, VA. Clearance: Active TS/SCI w/ Polygraph needed to apply. Company Overview: Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on...

  • Defensive Cyber Operations Analyst with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Ogden, UT, United States Dark Wolf Solutions Full time

    Dark Wolf Solutions is looking for a Defensive Cyber Operations Analyst who will perform continuous system monitoring to identify malicious cyber-attacks while supporting the containment, and remediation of IT threats. Additionally, this position will monitor networks and applications to identify a possible cyber-attack or intrusion and help coordinate and...

  • Cyber Security Engineer with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Herndon, VA, United States Cornerstone Defense Full time

    Title: Cyber Security Engineer. Location: Reston, VA. Clearance: Active TS/SCI w/ Polygraph needed to apply. Company Overview: Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on...

  • Cyber Security Systems Engineer with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Herndon, VA, United States Cornerstone Defense Full time

    Title: Cyber Security Systems Engineer. Location: Herndon, VA. Clearance: Active TS/SCI w/ Polygraph needed to apply. Company Overview: Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber...

  • Cyber Defense Operator with Security Clearance

    Found in: Careerbuilder One Red US C2 - 1 week ago


    San Antonio, TX, United States TEKsystems co Allegis Group Full time

    Must have an Active TS/SCI. Must have a GCFA certification and IAT Level 3 cert. 1. SOC experience (incident response, network monitoring, threat hunting). 2. SIEM (Splunk, DEVO, ArcSight). Duties: Review all IDS/IPS alerts and checklists at the AOL, COOP, or Ops Floor. Conduct host security monitoring, alert review, and intrusion detection analysis for the...

  • Cyber Security Operations Lead with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Sierra Vista, AZ, United States By Light Professional IT Services Full time

    Overview: By Light Professional IT Services (By Light) are leading providers of innovative Information Technology (IT) services and communications support to the Department of Defense and Federal Agencies. By Light is looking for personnel to support the Network Enterprise Technology Command (NETCOM) to successfully perform its core Army mission of providing...

  • Cyber System Defense Engineer with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Fort Belvoir, VA, United States Intelligent Waves LLC Full time

    Overview: Intelligent Waves urgently seeks a highly skilled System Engineer for our esteemed Cyber Defense Assistance Program (CDAP) team. This pivotal role is integral to our mission-critical efforts in support of our valued government partner at Ft. Belvoir, VA. Join us in delivering cutting-edge solutions and advancing cybersecurity initiatives with impactful...

  • Cyber Security Analyst with Security Clearance

    Found in: Careerbuilder One Red US C2 - 1 day ago


    Chantilly, VA, United States Cornerstone Defense Full time

    Title: Cyber Security Analyst. Location: Chantilly, VA. Clearance: Active TS/SCI w/ Polygraph needed to apply. Company Overview: Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on...

  • Cyber Security Specialist with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    San Antonio, TX, United States Silotech Group, Inc Full time

    Overview: Silotech Group provides Advanced Cyber Solutions, Intelligence Solutions, Enterprise/Cloud IT Services and Products, and Managed IT/Security Services to Federal, State, and Commercial clients. We provide Federal Government and Commercial clients with customized, agile technical solutions focused on data, enterprise platforms, service engagement, and...

  • Cyber Network Defense Analysts

    Found in: Careerbuilder One Red US C2 - 1 week ago


    Arlington, VA, United States Base One Technologies Full time

    The CDNA uses information collected from a variety of sources to monitor network activity and analyze it for evidence of suspicious behavior. Monitoring and analysis are performed to identify and report events that occur, or might occur, within the network, in order to protect information, information systems, and networks from threats. Responsibilities:-...

  • Defensive Cyberspace Operations Analyst with Security Clearance

    Found in: Careerbuilder One Red US C2 - 2 weeks ago


    Fort Meade, MD, United States Strategic Resilience Group Full time

    SRG is seeking an experienced Defensive Cyberspace Operations Analyst to join our team of Cyber Operation Analysts and Subject Matter Experts (SMEs) to support planning, coordination, synchronization, and execution of offensive and defensive cyberspace operations in support of aligned combatant command and designated sub-unified commands. This includes a deep...


  • San Antonio, United States CareerBuilder Full time

    Defensive Cyber Operations Subject Matter Expert. Lackland AFB, San Antonio, TX, USA. Req #5532. Friday, August 11, 2023. TekPro Support Services, LLC (TSS) is seeking a Defensive Cyber Operations Subject Matter Expert. Provide subject matter expertise (SME) on defensive cyber operations (DCO) for support to programming, acquisition, requirements, and weapon...

  • Cyber SME with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Arlington, VA, United States SAIC Full time

    Description: Cyber SME. Description: Cyber Subject Matter Expert (SME) with strong knowledge and experience with Department of Defense and Intelligence Community practices in protecting National Security. This Cyber SME will be immersed into a fast-paced, deadline-oriented environment composed of a diverse team of analysts, linguists, cultural experts, and...

  • Cyber Intelligence Analyst with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Fort Meade, MD, United States Zachary Piper Solutions, LLC Full time

    Zachary Piper Solutions is seeking a Cyber Intelligence Analyst to support DODIN - DCO Internal Defensive Measures at Ft. Meade, MD. The Cyber Intelligence Analyst will be required to support defense cyber operations, while leveraging cyber threat intelligence and operational data. Clearance: TS/SCI (required). Location: Ft. Meade, MD (On-site). Shift: M-FR (9AM-5PM)...

  • Cyber Security Analyst with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Arlington, VA, United States Zachary Piper Solutions, LLC Full time

    Zachary Piper Solutions provides advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for...

  • Cyber Defense Operator with Security Clearance

    Found in: Dice One Red US C2 - 7 days ago


    San Antonio, United States TEKsystems co Allegis Group Full time

    Must have an Active TS/SCI. Must have a GCFA certification and IAT Level 3 cert. 1. SOC experience (incident response, network monitoring, threat hunting). 2. SIEM (Splunk, DEVO, ArcSight). Duties: Review all IDS/IPS alerts and checklists at the AOL, COOP, or Ops Floor. Conduct host security monitoring, alert review, and intrusion detection analysis for...

  • CSWO Cyber Security Watch Officer with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Washington, DC, United States Leidos Full time

    R-00134284 Description: Leidos has a current job opportunity for a Cyber Security Watch Officer (CSWO) at the Pentagon. This position will work Day Shift (0600-1400). Position Summary: The incumbent will serve as a Cyber Security Watch Officer (CSWO) on the DISA GSM-O program supporting the Joint Service Provider (JSP) Joint Network Operation and Support Center...

  • Cyber Security Project Engineer with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Chantilly, VA, United States Cornerstone Defense Full time

    Title: Cyber Security Project Engineer. Location: Chantilly, VA. Clearance: Active TS/SCI w/ Polygraph needed to apply. Company Overview: Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our...

  • Cyber Operations Director with Security Clearance

    Found in: Careerbuilder One Red US C2 - 3 days ago


    Akron, OH, United States BGI, LLC Full time

    Position Summary This is a senior leadership position on the BGI Executive Management Team. The Director of Cyber Operations is responsible for corporate responsibilities as outlined in the Job Responsibilities paragraph and serves as the conduit to corporate vision and execution to every employee. This Director position is integral to the development and...

  • Cyber Warfare Instructor II

    Found in: Careerbuilder One Red US C2 - 1 day ago


    San Antonio, TX, United States Tyto Athene, LLC Full time

    Tyto is looking for a Cyber Warfare Instructor to join our San Antonio, TX team. The instructor supports the Air Force's 39th Information Operations Squadron, Detachment 2 providing Cyberspace Operations instruction that will include heavy emphasis on Offensive Cyber Warfare (OCO). Roles and responsibilities include: Plan, research, and analyze computer...