
Senior Threat Analyst

Our client, a large government systems integrator located in Fort Huachuca, AZ, is looking to hire a Top Secret cleared Senior Threat Analyst to work onsite on a 12-month contract. The senior analyst will be responsible for supporting the defense of Army networks. The consultant will design, implement, and administer network security for UNIX, Windows, Cisco, and Juniper technologies.

This role performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. This role also measures effectiveness of defense-in-depth architecture against known vulnerabilities.  The consultant will be performing technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).

The consultant will be responsible for analyzing the organization’s cyber defense policies and configurations and evaluating compliance with regulations and organizational directives.  The consultant will be maintaining a deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.

Required Skills:

  • MA/MS or BA/BS in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science
  • 10+ years of experience in similar roles
  • Must have active Top Secret clearance
  • Proven experience and ability to leverage CND analysis toolsets to detect and respond to IT security incidents.
  • Must maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
  • Experience preparing audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
  • Experience designing, implementing, and administering network security for UNIX, Windows, Cisco, and Juniper technologies
  • Experience performing TCP/IP protocol implementation across designated Army networks
  • Ability to lead security event monitoring, to include proactive and iterative log and packet analysis and anomaly detection
  • Must meet DoD 8140 DCWF 541 requirements (B.S., CISA, CISM, GCIH, or GSNA)
  • The following certifications:
    • GCFA: GIAC Certified Forensic Analyst
    • An IAT II certification (CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP) is required
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • Knowledge of application vulnerabilities.
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • Knowledge of penetration testing principles, tools, and techniques

Desired Skills:

  • First-hand knowledge of the mission and operational requirements of the U.S. Army.
  • A demonstrated understanding of U.S. Army IT operational and technical requirements, and an advanced understanding of U.S. Army IT applications and network systems.
  • One or more of the following certifications:
    • CCE: Rocheston Certified Cybersecurity Engineer
    • CFR: CyberSec First Responder
    • CySA+: CompTIA Cybersecurity Analyst plus
    • GCFA: GIAC Certified Forensic Analyst
    • GCFE: GIAC Certified Forensic Examiner
    • PenTest+: CompTIA Penetration Tester plus
    • ITIL v3 Foundations (or higher) certification, or able to achieve this certification within 90 days of contract start or hire date