Senior Cyber Defense Operations Threat Analyst
Location: Scott AFB, IL
Full-Time (8-5 M-F)
Jacobs is looking for a Senior Cyber Threat Analyst to join a security event monitoring and correlation team within a tiered Security Operations Center. This role conducts open-source and classified intelligence research and analyzes threats and their behavior. This role also provides recommendations to threat mitigation strategies; employs effective oral, web, email, and telephonic communications to clearly manage security incident response procedures; and performs routine event reporting over time, including trend reporting and analysis. The ability to implement standard procedures for incident response while interfacing with Information Security Officer and IT staff is required.
Responsibilities include, but are not limited to:
- Execute cyber threat analysis processes and procedures IAW DoD policy and USTRANSCOM Government direction
- Provide cyber threat analysis support to USTRANSCOM’s Cyber Security Service Provider (CSSP) missions on-site at Scott AFB during normal duty hours and on-call after duty hours with a one (1) hour response time to begin work
- Collect, analyze, and report on security events that affect the operation of USTRANSCOM information systems that are hosted within USTRANSCOM’s and CSSP subscriber enclaves, and for systems hosted elsewhere for which USTRANSCOM is the authorizing official
- Collect, analyze, and report security events that affect the operation of USTRANSCOM’s mission environment and identified Cyber-Key Terrain (C-KT)
- Collect and provide the Government with monthly metrics on cyber threat analysis activity
- Conduct cyber threat intelligence activities to include report writing and briefing at all levels
- Maintain current documentation on cyber threat analysis processes and procedures and provide deliverable documents to the government IAW the assigned suspense dates
Here’s What You’ll Need:
- Candidates should have a formal cyber intelligence background (military/government civilian preferred) with proven experience in conducting in-depth analysis, intelligence reporting and executive-level briefings.
- Familiarity with Advanced Persistent Threat groups (Tactics, Techniques, and Procedures/Indicators of Compromise) is critical.
- Familiarity with managed-attribution OSINT tools (e.g. Silo) is desired.
- Experience using a SIEM (Splunk is preferred) in the course of conducting cyber threat analysis.
- Candidates should demonstrate in-depth knowledge of TCP/IP enterprise network services in addition to a demonstrated capability to perform network packet analysis and anomaly detection.
- Cloud experience or understanding of threats to cloud environments is preferred.
- This position requires a Bachelor’s degree with 8 years of experience or a total of 12 years of related experience.
- IAT Level II, CSSP Analyst, and CSSP Incident Responder certifications are required.
- Minimum of a Top Secret level DoD Security Clearance with SCI eligibility is required.
Requires sitting at a computer terminal for long periods of time (90%). There is a possibility that due to parking availability and location of work-area walking moderate to long distances can sometimes be required.
Inside office/cubicle environment. Requires ability to interact professionally with co-workers and all levels of management (100%).
Equipment and Machines
Requires ability to operate a personal computer, a telephone, copier, and other general office equipment (100%).
Attendance is critical. Work hours are normally 8 hours per day and 5 days per week, Monday through Friday. Being prompt is important to provide continuous and on-going service to customers. Work outside of normal duty hours may be required with as little as one-hour advance notice. Overtime is infrequent, but important when required (1%).
Other Essential Functions
Must be able to communicate effectively, both verbally and in writing. Must be able to interface with individuals at all levels of the organization. Must be able to obtain unescorted access to work areas. Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others.
Brooksource provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, national origin, age, sex, citizenship, disability, genetic information, gender, sexual orientation, gender identity, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state, and local laws.