Cloud Cybersecurity Analyst (TS/SCI clearance)

Position Title: Cloud Cybersecurity Analyst
Position Location: Suitland, MD
Position Clearance: TS/SCI

Position Description:
Seeking a Cloud Cybersecurity Analyst to assist in the development and implementation of proprietary and innovative security solutions. Assess, manage and ensure compliance to risk reducing behaviors and processes. Facilitate workshops and direct stakeholder engagements to assess and develop current and future Cybersecurity program priorities, supporting activities, and roadmap.

Job Responsibilities Include:

• Continuously monitor cloud security systems using knowledge of AWS, vulnerability management, and DoD Risk Management Framework requirements across three enclaves (NIPR, SIPR, JWICS)
• Collaborate with infrastructure and platform teams on the cloud platform's security development
• Investigate security alerts with cross-team collaboration, OSINT, and DoD threat intelligence when necessary
• Implement and enhance the Continuous Monitoring Plan and processes to minimize false positives, false negatives, and increase overall efficiency
• Identify, characterize and provide solutions for information system threats
• Perform digital forensics and attack attribution, protection of critical networks, active systems warnings and indicators, detect active penetration into target systems, knowledge discovery of passive and active systems, and other computer network support operations.

Job Qualifications:

• Satisfaction of 8570 IAM III requirements
• 4+ years' experience in Information Assurance and Cybersecurity-related fields with an emphasis on hands-on roles
• 2+ years' experience contributing to and operating within complex enterprise Cybersecurity programs, ideally at a classified level within the DoD
• 2+ years' experience performing Continuous Monitoring, as well as conducting security evaluations and assessments
• 2+ years' experience supporting Cybersecurity functions within the cloud, AWS preferred
• 1+ years' experience with Kibana/Elastic Stack or similar applications such as Splunk for continuous monitoring, analysis, and visualization of data points
• Familiar with Security Operations Centers, common roles and responsibilities to convey industry needs and objectives
• Familiar with common network protocols and cryptographic concepts often seen in cloud network traffic (TCP/IP, DNS, SSH, HTTP/S, ICMP, SSL/TLS, etc.)
• Basic knowledge of common malware and threat actor Tactics, Techniques, and Procedures (TTP)
• Strong communications skills in reporting and explaining security concepts and events
• Ability to self-direct and take initiative in taking on new tasks or efforts, as well as researching concepts and application information when necessary

Job Preferred Qualifications:

• Experience with evaluating endpoint security configurations and Security Technical Implementation Guide (STIGs) checklists
• Basic knowledge of Linux distributions and the Windows operating system as well as Bash, MS-DOS, and PowerShell commands
• Experience with analyzing packet capture (PCAP) files with tools such as TCPdump, WireShark, TShark, etc
• Familarity with high level network traffic analysis using tools such as Zeek and NetFlow Traffic Analyzer

Security Clearance:

• TS/SCI

#M2
Ref: #850-Rockville (ALTA IT)