Jr. Cyber Incident Analyst

Job Description

ECS is seeking a Jr. Cyber Incident Analyst to work remotely .

ECS is seeking talented professionals to join our successful and growing team supporting the Cybersecurity and Infrastructure Security Agency's (CISA) Joint Cyber Defense Collaborative (JCDC) . The J CDC is CISA's flagship initiative for uniting government, industry, and international partners to proactively defend against cyber threats . Our ECS team is at the center of providing support to JCDC as they continue to plan, share, and respond to cyber threats in real time to support the great er cyber community and we are looking to grow our team supporting this critical mission.

We are looking for a J r. Cyber Incident Analyst for a team that provides deep technical analysis during active cyber incidents, including insights into vulnerabilities, adversarial tactics, and mitigation strategies across diverse environments like IT, OT/ICS, cloud, and AI systems . This position will support a team that interface s extensively with multiple organizations within CISA including Vulnerability Management (VM) and Threat Hunt (TH) to provide guidance and analysis on active cyber threats for JCDC partners . This position will assist in defining critical data sources for collection, inform processes, write detection rules, and analyze active and emerging cyber threats and incidents from across Federal Civilian Executive Branch (FCEB), Critical Infrastructure (CI ) and State, Local, Tribal and Territorial (SLTT) .

The J r. Cyber Incident Analyst will support a team that works closely with many stakeholders, including DHS CISA TH and VM, Agency security analysts / user groups, and the ECS team to ensure alignment between solution development and needs of stakeholders. The Analyst will perform research and assist with solutions for specific IOCs and IOAs. The Analyst will aid in defining tools, processes, and procedures for advancing Threat Hunting and Incident Response capabilities within CISA , FCEB, CI and SLTT .

Responsibilities:

• Perform analysis on active c yber incidents , events and vulnerabilities to provide guidance and targeted recommendations for mitigation
• Support the development of written guidance and recommendations to assist JCDC partners with solutions for active and ongoing cyber vulnerabilities
• Through hands-on analysis provide i nsights into vulnerabilities, adversarial tactics, and mitigation strategies across diverse environments like IT, OT/ICS, cloud, and AI systems
• Support a team in the translation of strategic products into clear, practical formats that are tailored to the specific needs and operational constraints of different stakeholder groups, including large and small jurisdictions and critical infrastructure (CI) partners
• Assist in the tailoring of vulnerability mit igation recommendations and contextualized examples to stakeholders to address implementation challenges and encourage rapid adoption

Salary Range: $124,000 - $133,000

General Description of Benefits

Required Skills

• ship and the ability to obtain and maintain a minimum of DHS (Suitability) EOD/ Public Trust
• 3 + Years of previous experience in a threat intelligence, cyber security, incident response, or similar role
• General u nder standing of computer and network fundamentals
• Basic u nderstanding of computer architecture, operating systems, vulnerabilities, encryption, or other areas of expertise
• E xperience defining data sources and writing detection rules for discovering malicious behavior
• Ability to assist with in-depth research tasks and produce written summaries to include insights and predictions based on an analytical process
• Excellent written and oral communication skills
• General understanding of current cyber threats/exploits, attack methodology , and detection techniques using a wide variety of security products including COTS and open source

Desired Skills

• Familiarity with the .gov Cyber Mission space and legal constraints applicable to civilian Government Agencies (e.g., FISMA)
• Experience collecting, analyzing, and categorizing threat intelligence data from multiple sources to author actionable intelligence reports
• Familiarity with at least one scripting language such as Python, and capable of manipulating data, interfacing with APIs, automating repetitive tasks, etc.
• Ability to interpret complex cybersecurity topics and effectively communicate or present information to various groups of stakeholders (Executives, SOC, etc.)
• Field-related certifications such as (CTIA, CEH, GREM, GCIH, GCFA)
• Experience with tools in both Linux and Windows environments
• Experience applying AI/ ML to identify anomalous behavior in security data, esp. using Elasticsearch
• Familiarity with MITRE ATT&CK and/or similar frameworks
• Familiarity with AI/ML concepts and applications
• Possess a TS security clearance and be SCI eligible
• DHS Entry on Duty (EOD) clearance

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3500+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.