Senior Cyber Security Analyst - Counter Cyber

ACD, Protocols, Windows, Unix, Linux, System, Network, Computer, VM, Testing, Recruiter
Full Time
Work from home available

Job Description


The ability of the AFCERT to complete its mission is dependent upon accurate, timely and thorough conduct of network traffic analysis and log analysis to evaluate intruder activities utilizing host and network-based monitoring and system logs. Correlate information gathered to provide the AFCERT effective methods to protect AF networks and associated domains and enclaves related to the AFCERT ACD weapon system for mission execution. Defensive Counter-Cyber contractor employees may be required to provide 24 hour coverage (work) for seven (7) days a week, 365 days a year with zero tolerance for error.
• Perform threat hunting for suspicious activity based on anomalous activity and indicators of compromise from various intelligence sources and toolsets.
• Comply with 3rd party MOU/MOA monitoring and reporting requirements. (CDRL A002)
• Identify intrusions and vulnerabilities and recommend mitigation strategies and techniques to secure networks.
• Identify, analyze and develop defensive counter cyber measures to thwart advanced persistent threats and intrusions of AF networks, domains and enclaves.
• Conduct and support Defensive Counter Cyber Operations to interactively search for Advanced Persistent Threats (APT) and Indicators of Compromise (IOC) using enhanced data collection and analysis methods.
• Provide incident response impact assessments.
• Produce network security posture assessments.
• Analyze systems for suspicious activities related to the DCO mission.
• Determine exploitation methods and attack vectors.
• Create and document metrics for reporting and analysis to improve weapon system processes, procedures, and mission execution.
• Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.
• Provide requested information to operational flight commander as it relates to the Incident Response processes and procedures.
• Utilize the MITRE ATT&CK Matrix in performance of duties.

Bowhead seeks to network with qualified individuals relative to a potential opportunity, which is contingent upon award and not currently funded. Please click the link at the bottom of this posting to apply for consideration. Incumbent employees are encouraged to respond. No solicitations or third party applications will be accepted.
In accordance with Executive Order 14042: Ensuring Adequate COVID Safety Protocols for Federal Contractors, candidates should be aware that they may be required to have received or be willing to receive the COVID-19 vaccine by date of hire. All job offers in connection with a covered contract may be contingent upon providing proof of vaccination prior to your anticipated start date.

More than five (5) years of experience with extensive knowledge of operating systems fundamentals (Windows and/or Unix/Linux), system administration (Windows and/or Unix/Linux), network traffic analysis, penetration testing, network security, incident response and incident response handling, computer and network forensics, and vulnerability and malware analysis. Extensive knowledge of network firewalls, computer and server log analysis, computer network servers (DNS, proxy, e-mail, domain controller, file server, Active Directory) and analysis of their logs; extensive knowledge of digital evidence collection, handling and security; experience with computer incident response and analysis and report dissemination; extensive knowledge and experience with network packet capture and analysis software such as Wireshark (Ethereal) and Snort; experience with standard DoD network topology and DMZ boundary protection; experience with system analysis software (i.e. EnCase/EnCase Enterprise or FTK), software coding and debugging, and the virtual machine (VM) environment. Expert knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., open source projects).

Certification Requirements:
• IAT Level III CND compliance.

SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Top Secret/SCI level. US Citizenship is a requirement for Top Secret clearance at this location.

Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC's Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant's resume/application may be subject to verification.

Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes.

UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/AA/M/F/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act.

All candidates must apply online at, and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance (

UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar corporation recognized as one of the top 25 8(a) companies for government contracting.

Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs.

Link to Apply:

  • Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
  • The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
  • Dice Id : 10122062
    Position Id : 21-0343
    Originally Posted : 1 year ago