Cybersecurity Hunt Team / Computer Forensic & Intrusion Analyst - is responsible for ensuring information security efforts are implemented as a function of the Information Technology Engineering life cycle to reduce risks, respond to incidents and limiting exposure to liability and risk to technology systems, networks, and applications. Candidate will apply existing strong policy and process knowledge, as well as deep skill and expertise, for the development and implementation of security standards, procedures, guidelines and tools for multiple platforms and diverse system environments. Must be a team player, willing to work challenging assignments and tasks concerning Cyber Security, Information Assurance and Computer Network Defense policy, procedures and guidance; must be willing to travel, on occasion, throughout the AOR (which includes Afghanistan, Iraq, Bahrain, Qatar, and other Southwest Asia nations).
Primary Job Responsiblilities:
- Implement Cyber Security processes for the Cyber Operations / Cybersecurity Operations Cell (CSOC) Branch and Hunt team; develop tools and processes to define, deter, detect and defend USCENTCOM networks against internal and external threats attempting to gain access or exploit critical information, infrastructure and systems.
- Candidate will participate as a member of integrated government/contractor teams of technical and subject matter experts conducting Cyber Security, Information Assurance / Computer Network Defense (IA/CND), Incident Handling and Response in support of HQ USCENTCOM.
- Independently conduct Hunt operations using combinations current threat intelligence, individual research, statistical analysis, and industry standard tools.
- Duties include anomaly detection, tracking, reporting and response specifically targeted towards computer or network security incidents; investigations of events and detailed analysis are required.
- Create correlations and other logic to identify attackers and defend the network against advanced attacks.
- Candidate will be responsible to provide reports, briefings, and updates to senior Military/Government/Contractor leadership, academic and executive audiences.
- Candidate will provide expert analytical support that includes research, documentation and development of tactics, techniques, and procedures to support Active Cyber Defense and IA/CND mission.
- Manage escalated security issues from investigation through recommendation and remediation plan implementation.
- Identify and address key threats, controls, and operational gaps to ensure a solid security practice.
- Mentor junior security analysts in any areas of personal or professional subject mastery.
- 9 years demonstrated Information Security Incident Response, Cyber Threat Hunting including Indicators of Compromise (IOC) & Tactics and Techniques & Procedures (TTPs) development.
- Excellent interpersonal skills, outstanding oral and written communication skills, good organizational skills, ability to work in a team and work independently.
Education and/or Certifications:
- Bachelor's degree in Computer Science, Engineering, or related discipline (Cybersecurity or Information Assurance concentration preferred) or nine (9) years of real-world or military experience in information assurance, network security or close-related experience is required.
- Candidate must be 8570 compliant (minimum Security+) and requires additional Certified Ethical Hacker (CEH) Certification, or equivalent.
- Candidate must have experience within the USCENTCOM AOR and must be familiar with its mission.
- Candidate must have a solid familiarity with application and network security. Must be able to provide technical subject matter expertise for a wide range of security technologies including, but not limited to Security Information Event Management (SIEM) Intrusion Protection and Intrusion Detection Systems (IDS/IPS), Host Intrusion Detection System (HIDS), malware analysis and protection, content filtering, perimeter access controls, logical access controls, identity and access management, and data loss prevention.
- Candidate must have strong communications skills both verbally and in writing.
- Candidate must have an understanding of vulnerabilities, exploits, and practical working knowledge of DoD Cyber Security program.
- Candidate must be able to read and understand DoD Cyber Security orders, policies and procedures.
- Experience briefing senior military and civil service employees
- Military Experience (Active Duty or Reserves)
- IAT/IAM Level III Certification
- Experience with Host Based Security System (HBSS), Firewall and ARCSIGHT software
- Experience with Cyber Security in a Joint and Coalition Partner environment
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.