Cybersecurity Signature Analyst
2 months ago
Our client is seeking a Cybersecurity Signature Analyst:
Reporting to the Lead of Focused Operations, under the Branch Chief of Defensive Cyber Operations, you will be tasked with developing and maintaining defensive countermeasures for the enterprise. Working within a Fusion model, you will collaborate with other teams within Focused Operations with the distinct task of proactively preventing a successful compromise and eradicating persistent adversaries already in the enterprise. This will be done through various means, such as reviewing future and past intelligence reports, reviewing incident reports, running regular Purple Teaming exercises, and continuously validating Defensive Countermeasures already deployed.
What You'll Get to Do:
- Analyze trends and patterns of data on NGA networks to identify and predict previously undiscovered events and incidents, and develop or tune rules/signatures/scripts as needed;
- Coordinate with other Cybersecurity Operations to develop or tune rules/signatures/scripts;
- Coordinate with other Cybersecurity Operations Services to investigate and obtain information about potential sources of compromise on NGA systems, and develop or tune rules/signatures/scripts as needed.
More About the Role:
- Correlate and analyze precursors to incidents, and develop or tune rules/signatures/scripts as needed;
- Improve SIEM alert efficiency through evaluation of valid alerts and false positives, and develop or tune rules/signatures/scripts as needed;
- Assist the Cyber Incident Response Team by assessing ongoing incident activity to predict adversary responses and locations of compromise;
- Document all work in the authorized ticketing system with a sufficient level of detail to ensure the Government and other contract services can systematically reconstruct the analysis;
- Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report.
You'll Bring These Qualifications:
- Must be a US Citizen with an Active TS/SCI.
- 8+ years of related advanced cyber security analytics work experience.
- Must have a certification that is compliant with DoD 8140.01 and DoD 8570.01-M IAT Level III and CSSP Analyst.
- Experience with data mining or building queries in a SIEM.
- Strong understanding of signature development and tuning.
- Strong understanding of network protocols and analysis with protocol analyzers.
- Knowledge of static file signatures, i.e. "magic numbers", and how they apply to developing countermeasures for files in transit and files that reside locally on a host.
- Good working knowledge of regular expressions.
Preferred Skills:
- Comfortable in a hex editor.
- Ability to write Python/Bash/PowerShell scripts.
- Ability to analyze each use case, as it pertains to detection logic, and identify the corresponding capability.
- Good understanding of Purple Team Tactics.