Job Description

Cyber Network Analyst

Contract 3+ years, 40 hours weekly

US citizen who can obtain a security clearance.

Willing to review candidates who can obtain a clearance

Work from home:
This position requires someone to be onsite 40% of the time. Final schedule TBD by the hiring manager

Performs assessments of systems and networks within the networking environment or enclave and identifies systems and networks that deviate from acceptable configurations, enclave policy, or local policy. Evaluates incident response procedures and capabilities. Investigates security log alerts. Exploits system and network vulnerabilities and misconfigurations for purposes of gathering data from target or adversary automated information systems or networks and to enable operations and intelligence collection capabilities. Leverages computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves. Writes reports for internal security stakeholders as well as law enforcement.

Our Cyber Security Team monitors and protects Laboratory research from IT threats. The team operates a security operations center which looks at network traffic to find and eliminate threats from malware, spear phishing, and other attacks against the Lab. The team also looks for any vulnerabilities in our current environment and helps identify and develop solutions to mitigate these risks.

The Security Analyst is responsible for performing operational support for network defenses, risk analysis on cyberthreats, security alerts, systems of interest, and other suspicious system or network activity. Develop requirements for implementing zero trust architecture (ZTA) to meet Laboratory needs.

Through knowledge of network defenses data analysis, the Security Analyst identifies methods to mitigate future risk to networked systems. Also, as part of the Cyber Security Team, the Security Analyst assists in the evaluation and testing of security tools and devices. Experience with DevSecOps, scripting, and application security is highly sought after for this role.

Primary Duties:
• Develop an initial understanding of the current state security architecture by documenting current security architecture.
• Work with project team to develop detailed project plans for security solutions implementation
• Assist project team in developing a roadmap for achieving ZTNA for all applicable client systems.
Cyber Security Operations
• Build and Administer Cyber protection tools to include creating and maintaining standard operating procedures (SOPs)
• Expand expertise in Cyber protection tools to become subject matter expert
• Ensure the Cyber protection tools are used to their fullest extent to protect the laboratory
• Drive compliance with all Government Regulations and Laboratory Vulnerability Management policy
• Assist with communications to the laboratory and external vendors regarding capability outages and product evaluations.
• Perform daily operational tasks to ensure the health of the cyber protection tools
• Assist with coverage gap identification. Deploy, configure and manage new tools as required to correct those gaps.
Build out resilient and automated services.
• Codify infrastructure and applications for automated deployment using DevSecOps principles, processes and tools.
• Identify opportunities for automation and lead the development work through the SOAR platform.
External Awareness
• Research how vulnerabilities are being exploited and software affected.
• Proactively identify opportunities to mitigate potential threats based on research.
• Review vendor notifications and assist with laboratory communications regarding external threats.
Security Projects
• Evaluate potential security software, tools or devices
• Test new network security systems and changes to existing network security devices.
• Develop technical project plans, requirement documentation, test plans, change requests, and communications to users.

Knowledge and Skills:
Required Minimum:
• Hands-on cyber security related experience
• Identity & access management
• Python and Bash scripting
• Experience working within a Kubernetes environment
• Ability to leverage SIEM tools to evaluate and troubleshoot network and host-based security issues.
• Good understanding of TCP/IP network protocols and application layer protocols (e.g., HTTP, SMTP, DNS, etc.)
• A working understanding of authentication protocols, authorization, PKI, secrets management, and privileged access management
• Good understanding of Windows, Mac and Linux operating systems and event logging.
• Ability to lead and influence the delivery of security related goals and objectives.
• Excellent customer service skills.
• Excellent verbal and written communication skills.
• Able to work without appreciable direction, with direction provided at major milestones
• Able to anticipate / resolve issues, as well as research recommendations for consensus driven decision making.

• Bachelor’s Degree in Computer Science, Information Technologies, Engineering or equivalent experience.
• Familiarity with Ansible, Docker, AWS, and CloudFormation and YAML scripting
• CompTIA Security+ Certification, SANS GCIH or CISSP
• Skill in building consensus among stakeholders and colleagues.
• Understanding of Cloud and Container security best practices.
• API and automation experience
• Experience in various cyber security / SOC roles.
