Defensive Cyber Operations Analyst

Job Description

Dark Wolf Solutions is looking for a Defensive Cyber Operations Analyst who will perform continuous system monitoring to identify malicious cyber-attacks while supporting the containment, and remediation of IT threats. Additionally, this position will monitor networks and applications to identify a possible cyber-attack or intrusion and help coordinate and report on the cyber incident responses.

Key Responsibilities:

Vulnerability Management actions to include providing recommendations. Implement mitigations.

Active monitoring of Defensive Cyber Operations (DCO) systems

Conduct intrusion analysis and correlation of unauthorized activities; provide and implement recommendations to improve customer mitigation processes

Perform threat insight processes to provide analysis to support mitigation and remediation activities

Analyze cyber incidents, correlate incident details, and formulate and implement response actions with guidance from leadership

Participate in Root Cause Analysis process and documentation capturing efforts taken to mitigate unauthorized actions

Participate in the development of DCO tactics, techniques, and procedures

Participate in the development of DCO concept of operations, processes, and procedures

Identify security discrepancies and report and respond to security incidents

Provide research and analysis in support of expanding programs and areas of responsibility

Draft documentation for briefings, reports, and informational analyses

Assist in the development of local Tactics, Techniques, and Procedures (TTPs)

Participate in customer exercises (after duty hours may be required)

Adhere to defined policies, master plans and schedules

Complete all initial and annual training requirements and disclosures as outlined by BSTG

Perform all other duties as required, consistent with the goals, objectives, and responsibilities of the department

Required Qualifications:

4+ years of relevant experience

2+ years of experience with a SIEM Tool (LogRhythm, Splunk)

2+ years of experience with employment of DoD cybersecurity requirements, policies, and procedures to include assessment and authorization activities

Experience within a vSOC, SOC, or CSSP responding to cyber incidents

Department of Defense Directive (DoDD) 8140 (formerly DoDD 8570) IAT CSSP Certification must be obtained prior to hire (CEH, CCNA Security, GCIH, CySA+ or Equivalent)

Bachelor's degree in Computer Science, Information Technology, or a related field

US Citizenship and an active Top Secret/SCI security clearance required

Desired Qualifications:

Experience performing cybersecurity activities in support of software and system requirements, design, development, testing, and sustainment

Experience with HBSS, ACAS, SCAP Compliance Checker (SCC), DISA STIGs

Working knowledge of NIST 800-53 Security and Privacy Controls

Experience with RHEL

Experience in performing post-incident computer forensics without destruction of critical data

Ability to provide guidance on DoD Cyber regulations and requirements to engineering and software development staff

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Full-time