Cyber Defense Analyst

Recruiting for this position is being handled by Corps Team on behalf of our government contracting client. This is a full-time, direct hire, employee position with excellent benefits. This role is on site in Lackland Air Force Base in San Antonio and requires an active, TS/SCI full scope poly clearance. The salary is $215-230k.

Primary Responsibilities:

• Uses information collected from a variety of sources to monitor network activity and analyze it for evidence of anomalous behavior.
• Identifies, triages, and reports events that occur in order to protect data, information systems, and infrastructure.
• Finds trends, patterns, or anomaly correlations utilizing security-relevant data.
• Recommends proactive security measures.
• Conducts analysis to isolate indicators of compromise.
• Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event’s history, status, and potential impact for further action in accordance with the organization’s cyber incident response plan.

Education:

Bachelor’s Degree in Engineering or Computer Science and 6 years of experience or 8 years of experience without a technical degree.

Required Qualifications:

• Two (2) years of demonstrated and practical experience in TCP/IP fundamentals.
• Two (2) years of demonstrated experience with network traffic analysis tools such as Bricata, tcpdump, or Wireshark.
• Three (3) years of demonstrated experience using security information and event management suites (such as Splunk, ArcSight, Kibana, and LogRhythm).
• Three (3) years of demonstrated experience in network analysis and threat analysis software utilization.
• Three (3) years of demonstrated experience maintaining or managing Cloud environments such as Microsoft Azure, and Amazon Web Services (AWS), using tools like Microsoft Sentinel.
• TS/SCI full scope poly required
• Ability to work on site at Lackland AFB required

Required Certifications:

• Requires DoD 8570 compliance with CSSP Analyst baseline certification.
• Information Assurance Technical (IAT) Level I (possess one: A+ CE, CCNA-Security, CND, Network+ CE, SSCP) or Level II (possess one: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP) certification.
• Candidate must have Computing Environment (CE) certification, which can be fulfilled with either Microsoft OS, Cent OS/Red Hat OS CE certifications.
• Requires Global Information Assurances Certification (GIAC) Certified Incident Handler (GCIH) certificate or Certified Intrusion Analyst (GCIA) certificate.
• Requires successful completion of the Splunk software training course "Fundamentals 1".

Corps Team is an equal opportunity employer and does not discriminate on the basis of age, race, color, creed, religion, national origin, ancestry, citizenship status, sex, veteran status, disability, genetic information or any other characteristic prohibited by applicable federal, state or local law.