Cybersecurity Host Based Analysis Specialist/ Information Security Analyst II

PRIMARY DUTY RESPONSIBILITIES:

1. Perform incident triage to determine scope, urgency, and potential operational impact by identifying vulnerabilities and making recommendations.
2. Create custom signatures or correlation rules to detect future incidents and recommend protections to enhance security.
3. Serve as technical expert and liaison to external incident response personnel, briefing incident details as necessary.
4. Provide incident handling support such as forensics collection, intrusion correlation, threat analysis, and system remediation.
5. Develop and publish incident response guidance and detailed incident reports for relevant audiences.
6. Create SOPs and workflows that incorporate new technologies.
7. Train government personnel on current and emerging technologies to support security efforts.
8. Conduct heuristic analysis on event data, perform high-performance searches, and generate comprehensive incident reports.
9. Monitor and safeguard the security of systems and networks.
10. Support enterprise vulnerability management programs, report events, process task orders, and contribute to vulnerability management policies to meet evolving security needs.

Security Clearance: Top Secret with SCI.

Education/Certifications: BS or MS degree in an IT-related field, DoD 8570/8140 IAM or IAT Level II Certification, and one of the following: CSSP-Analyst.

• At least 2 years of experience analyzing network intrusion data from sources like logs, system images, and packet captures to mitigate network incidents.