Tau Six, an agile small company delivering cutting-edge cybersecurity and systems integration services to the US National Security market, has an immediate need for a Senior Cybersecurity CND Analyst to support a Department of Defense program in Springfield, VA.
Clearance Requirement: Top Secret/SCI U.S. Government clearance
Your excellent technical skills will assist in identifying risk to enterprise systems across a broad spectrum of technologies and processes. Your responsibilities will also include elements of physical and environmental protection, incident handling, and security training and awareness. In close coordination with the rest of the security team, you will play an active role in identifying risk and defending the enterprise. Candidates must possess a thorough understanding of Windows and Linux operating systems, contemporary networking, and cybersecurity tools, techniques, and tactics.
- The Senior Cybersecurity CND Analyst is responsible for identifying, analyzing, and mitigating threats to hosted information systems. Uses Computer Network Defense tools, defensive measures, and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the enterprise network in order to protect information, Information Systems, and networks from threats.
- Responsible for investigating and analyzing response activities related to cyber incidents within the environment. Responsible for correlating incident data and performing CND trend analysis and reporting. Develops and provides CND activity/incident reports, summaries, and other situational awareness information, and presents to the CIO or designated representative(s).
- Develops and maintains documentation as it pertains to the use and operation of CND tools (SOPs, playbooks, incident reporting, incident response, etc.).
- The Principal Cybersecurity Analyst will prioritize, direct, guide, and evaluate other analysts through training, quality control, and feedback in coordination with the CND Manager.
- The Principal Cybersecurity Analyst shall execute a continuous monitoring and analysis strategy for host information systems to monitor and report on any indications of outsider and insider threats; watch for and report on unauthorized changes; and monitor the operational environment and report on any suspected intrusions. Shall utilize Splunk software to include Splunk Enterprise Security (ES) and Splunk User Behavior Analytics (UBA) for continuous monitoring, incident reviews, investigations, and event correlation.
- Partners with the customer to develop and implement strategic security initiatives.
- Assists in security investigations and responses as necessary.
- Provides cybersecurity technical expertise and analysis for new technologies and configurations.
- Shall have 7 or more years of experience in Information Security (INFOSEC) operations and/or cybersecurity-related experience.
- Shall have 5 or more years of experience in operating a SIEM and/or vulnerability scanner product (Splunk, Tenable, etc.).
- Education: Bachelor's degree from an accredited university or Certified Computer Security Incident Handler (CSIH) or GIAC Certified Incident Handler (GCIH).