Cyber Security Operations Analyst, Lead.

3 weeks ago


Fort Belvoir, United States BOOST LLC Full time
Job Description

Cyber Security Operations Analyst, Lead

BOOST LLC is a dynamic management consulting firm that offers an array of government-compliant back-office solutions to support our teaming partners within the GovCon space. Our consultants are experts in the areas of Accounting, Contracts, Human Resources, Recruiting & Sourcing, and Strategic Pricing and our passion is to guide and propel our partners towards success within this competitive sector.

BOOST LLC is partnering with our client, Spahr Solutions Group, to recruit a qualified Cyber Security Operations Analyst, Lead. We are seeking a Cyber Security Operations Analyst to provide technical support for our customer, the Defense Threat Reduction Agency (DTRA), in Fort Belvoir, VA.

Responsibilities & Qualifications

RESPONSIBILITIES

  • Collect and analyze network and/or host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and/or mitigation of cyber threats within the Enterprise Network through the investigation process.
  • Perform cyber incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
  • Provide expert technical support and perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support subordinate organizations and system owners.
  • Manage and document cyber defense incidents from initial detection through final resolution methods.
  • Maintain an average of at least two new detection use cases per month during each year of contract execution. Detection use cases shall be based on current threats, the MITRE ATT&CK framework, or Government direction.
  • Maintain metadata for all detection use cases to include use case owner, number of false positives identified, number of true positives identified, and average time to execute (based on incident detection monitoring analyst feedback).
  • Analyze all completed incident records and make improvements to related detection use cases.
  • Conduct refinements to correlation rules, filters, signatures, or plays to enhance overall effectiveness by lowering false-positive rates. Track and validate refinement requests and provide metrics on these activities monthly.
  • Assist with developing methods for automating the execution of incident detection use cases that result in false-positive rates below 10%. Provide monthly reports on new automation actions and their results.
  • At the direction and under the supervision of Government personnel, validate the effectiveness of any plays created by emulating adversary tactics to trigger the necessary alerts (blue team).
  • Demonstrate effectiveness by creating detection use cases that successfully detect Red Team (penetration testing) activity.
  • Utilize the MITRE ATT&CK matrix and other threat frameworks to develop detection use cases. Continually refine these processes with the goal of automating their execution.
  • Provide subject matter expertise in creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to network and ESS IDS, IPS, firewall, web application firewall, proxy and SIEM systems.
  • Analyze SIEM views daily to ensure views support detection and response operations. Modify SIEM views to eliminate false-positive or unnecessary alerts.

REQUIRED QUALIFICATIONS

  • BS with 5-7 years of experience, MS with 3-5 years, or PhD with 0-2 years
  • Experience with cyber security architecture principles that achieve cybersecurity framework goals.
  • Minimum of a Top-Secret Clearance.
  • DOD 8570 IAT II and CSSP Analyst Certification

WORK ENVIRONMENT AND PHYSICAL DEMANDS

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

  • Location: Fort Belvoir, VA
  • Type of environment: Fast paced, deadline-oriented environment
  • Noise level: Medium
  • Work schedule: Overnight Shift
  • Amount of Travel: 10%

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to use hands to handle, feel, and touch; reach with hands and arms; and talk and hear. The employee is regularly required to stand, walk, sit, climb or balance, and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and the ability to adjust focus.

WORK AUTHORIZATION/SECURITY CLEARANCE

  • US Citizen
  • Active DoD Top Secret Clearance

OTHER DUTIES

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

BOOST LLC is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
