Cyber Intel Analyst Sr
Job ID: 460101BR
Date posted: Nov. 06, 2018
City: Fort Meade
Description:Lockheed Martin invites you to step up to one of today’s most daunting challenges: the use of advanced electronics to undermine our way of life. As a cybersecurity professional at Lockheed Martin, you’ll protect the networks that our citizens and the world depend upon each minute: Financial assets. Healthcare information. Critical infrastructure. Hazardous materials. The uninterrupted flow of energy that keeps modern life moving. Here, you’ll work with cybersecurity experts on the forefront of threat protection and proactive prevention. In this fast-paced, real-world environment, you’ll draw on all of your education and experience as well as the resources of Lockheed Martin to keep the threats at bay.
The candidate will be a member of the Network Assurance Team supporting a US Government customer as part of our Scott AFB, IL. The candidate will perform cyber threat intelligence analysis, correlate actionable security events, perform network traffic analysis using raw packet data, net flow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks, and participate in the coordination of resources during incident response efforts.
Enter into the cyber terrain that most people know only from headlines and sci-fi. Become part of the Cybersecurity Team at Lockheed Martin. You are meant to make a difference.
-Hold DoD-8570 baseline certification (Security+, CEH, CYSA+, CISSP, or equivalent).
-Possess an active Top Secret/SCI security clearance.
-Practical experience with cyber specific analysis tools
-General understanding of intrusion detection and response
-Working knowledge of TCP/IP, common networking ports and protocols, network traffic flow, countermeasure techniques, OSI model, defense-in-depth, Cyber Kill Chain or similar attack model.
-Willing to perform shift work.
-Computer Network Defense experience (Protect, Detect, Respond, and Sustain) within a Computer Incident Response organization.
-Demonstrated understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set Tactics, Techniques, and Procedures.
-Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, Full Packet Capture), and other artifacts in support of incident investigations.
-In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
-Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, Wireshark, Full Packet Capture, Host-Based Forensics, Network Forensics, intel threat analysis.
-Familiar with encryption methods and encoding of data
-Experience with malware analysis concepts and methods.
-UNIX/LINUX command line experience.
-Scripting and programming experience.
-Motivated self-starter with strong written and verbal communications skills, and the ability to create complex technical reports on analytic findings.
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.
Join us at Lockheed Martin, where we’re engineering a better tomorrow.
Experience Level: Experienced Professional
Business Unit: ESS6500 RMS
Relocation Available: No
Career Area: Information Security/Information Assurance
Clearance Level: TS/SCI
Type: Task Order/IDIQ
Virtual Location: no
Work Schedule: TEMPO: ROTATING - 40 hrs/wk; No default hours/days