Cloud Cybersecurity Analyst Suitland, MD TS/SCI clearance required
Seeking a Cloud Cybersecurity Analyst to assist in the development and implementation of proprietary and innovative security solutions. Assess, manage, and ensure compliance with risk-reducing behaviors and processes. Facilitate workshops and direct stakeholder engagements to assess and develop current and future Cybersecurity program priorities, supporting activities, and roadmap.
Job Responsibilities Include:
Continuously monitor cloud security systems using knowledge of AWS, vulnerability management, and DoD Risk Management Framework requirements across three enclaves (NIPR, SIPR, JWICS)
Collaborate with infrastructure and platform teams on the cloud platform's security development
Investigate security alerts with cross-team collaboration, OSINT, and DoD threat intelligence when necessary
Implement and enhance the Continuous Monitoring Plan and processes to minimize false positives, false negatives, and increase overall efficiency
Identify, characterize and provide solutions for information system threats
Perform digital forensics and attack attribution; protect critical networks; develop active-system warnings and indicators; detect active penetration into target systems; perform knowledge discovery against passive and active systems; and carry out other computer network support operations.
Job Qualifications:
Satisfaction of DoD 8570 IAM Level III requirements (CISM, CISSP, or GSLC)
4+ years experience in Information Assurance and Cybersecurity-related fields with an emphasis on hands-on roles
2+ years experience contributing to and operating within complex enterprise Cybersecurity programs, ideally at a classified level within the DoD
2+ years experience performing Continuous Monitoring, as well as conducting security evaluations and assessments
2+ years experience supporting Cybersecurity functions within the cloud, AWS preferred
1+ years experience with Kibana/Elastic Stack or similar applications such as Splunk for continuous monitoring, analysis, and visualization of data points
Familiar with Security Operations Centers, common roles and responsibilities to convey industry needs and objectives
Familiar with common network protocols and cryptographic concepts often seen in cloud network traffic (TCP/IP, DNS, SSH, HTTP/S, ICMP, SSL/TLS, etc.)
Basic knowledge of common malware and threat actor Tactics, Techniques, and Procedures (TTPs)
Strong communications skills in reporting and explaining security concepts and events
Ability to self-direct and take initiative in taking on new tasks or efforts, as well as researching concepts and application information when necessary
Job Preferred Qualifications:
Experience with evaluating endpoint security configurations and Security Technical Implementation Guide (STIG) checklists
Basic knowledge of Linux distributions and the Windows operating system as well as Bash, MS-DOS, and PowerShell commands
Experience with analyzing packet capture (PCAP) files with tools such as tcpdump, Wireshark, tshark, etc.
Familiarity with high level network traffic analysis using tools such as Zeek and NetFlow Traffic Analyzer