Cyber Security Analyst - (ACD) Real-Time Detection
Company: Bowhead / UIC Technical Services
Location: Montgomery
Posted on: August 5, 2022
Job Description:
CYBER SECURITY ANALYST - (ACD) REAL-TIME DETECTION
(JBSA-21-0899-W):
Bowhead seeks a Cyber Security Analyst - (ACD) Real-Time Detection
to support the AFCERT DCO HAC contract in Montgomery, AL.
The ability of the AFCERT to complete its mission is dependent upon
accurate, timely and thorough near real-time network security
monitoring and analysis of the Air Force network/systems DCO
events. Real-Time analyst contractors are required to provide
24-hour coverage (work) seven (7) days a week, 365 days a year,
with zero tolerance for error.
--- Review all Near Real-Time IDS/IPS alerts per AFCERT Operating
Instruction (OI) and checklists at the AOL, COOP, or Ops Floor
--- Conduct near real-time security monitoring and intrusion
detection analysis for all systems
--- Comply with 3rd party MOU/MOA monitoring and reporting
requirements.
--- Monitor security sensors to analyze Intrusion Detection Systems
(IDS) and Security Information and Event Management (SIEM) to
identify and correlate security issues/events and review logs to
identify intrusions for remediation.
--- Analyze and manage analysis results to identify and mitigate
threats and enforce corrective actions.
--- Analyze traffic/logs/events to determine the necessity for
higher level analysis and conduct an initial assessment of type and
extent of intruder activities.
--- Utilize tools and techniques to perform initial analysis,
de-obfuscation, or other manipulation of malware related data.
--- Conduct incident intake and record suspicious events into the
operational database for suspicious traffic. These records shall
contain sufficient information to stimulate future analysis of
suspicious traffic. The record shall answer the who, what, where,
why and when of the suspicious activity. Update tickets (CAT
events) for reporting of cyber events.
--- Perform initial analysis of security events, network
traffic.
--- Enter event data into mission support systems IAW AFCERT
operational procedures and reports.
--- Compile suspicious events records and other artifacts as part
of its Monthly Operational Report.
--- Escalate security incidents using established policies and
procedures.
--- Generate end-of- reports (MISREPS) and provide pass-on
information for knowledge transfer to subsequent /crews of analysts
on duty regarding the latest suspicious traffic seen from a given
port, Internet Protocol (IP), etc. with no more than a 5% error
rate.
--- Provide computer security-related support to AF field units in
countering vulnerabilities, minimizing risk, and improving the
security posture of AF networks and systems within the scope of
AFCERT operational requirements and mission execution.
--- Provide focused DCO tailored analysis and monitoring operations
of specified sensor locations during contingency operations and in
support of named DCO operations and exercises.
--- Conduct 24x7x365 near real-time network security monitoring and
intrusion detection analysis for the networks, systems monitored
using AF's selected IDS/IPS capabilities with no more than a 5%
error rate.
Incident Response (ACD IR Operator - Requires Mission Ready Status)
Bowhead seeks to network with qualified individuals relative to a
potential opportunity, which is contingent upon award and not
currently funded. Please click the link at the bottom of this
posting to apply for consideration. Incumbent employees are
encouraged to respond. No solicitations or third party applications
will be accepted.
Requirements
In accordance with Executive Order 14042: Ensuring Adequate COVID
Safety Protocols for Federal Contractors, candidates should be
aware that they may be required to have received or be willing to
receive the COVID-19 vaccine by date of hire. All job offers in
connection with a covered contract may be contingent upon providing
proof of vaccination prior to your anticipated start date.
Intermediate knowledge of one or more of the IDS/IPS systems
currently in use by the Department of Defense (DoD), Services, and
Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government
and intermediate experience in the following areas: IP addressing
and domain name service; network components; Transmission Control
Protocol (TCP)/User Datagram Protocol (UDP), File Transfer Protocol
(FTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer
Protocol (HTTP); and an understanding of the network Open Systems
Interconnection (OSI) model. Extensive knowledge of the MITRE
ATT&CK framework and its uses within the cybersecurity
community (e.g., Open Source projects).
--- 2-10 years of experience.
--- BA/BS Computer Science, Computer Engineering, Computer
Information Systems, Computer Systems Engineering or related degree
preferred
--- Demonstrates in-depth knowledge and understanding of the
Computer Forensics Analyst activities required to meet mission
requirements
--- Must be able to travel on short notice
Certification Requirements:
--- IAT Level I CND compliance.
--- GCIA, GNFA or GCDA.
SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security
clearance at the Top Secret/SCI level. US Citizenship is a
requirement for Top Secret clearance at this location.
Applicants may be subject to a pre-employment drug & alcohol
screening and/or random drug screen, and must follow UIC's Non-DOT
Drug & Alcohol Testing Program requirements. If the position
requires, an applicant must pass a pre-employment criminal
background history check. All post-secondary education listed on
the applicant's resume/application may be subject to
verification.
Where driving may be required or where a rental car must be
obtained for business travel purposes, applicants must have a valid
driver license for this position and will be subject to
verification. In addition, the applicant must pass an in-house,
online, driving course to be authorized to drive for company
purposes.
UIC is an equal opportunity employer. We evaluate qualified
applicants without regard to race, age, color, religion, sex,
sexual orientation, gender identity, national origin, disability,
veteran status, and other protected characteristics EOE/AA/M/F/D/V.
In furtherance, pursuant to The Alaska Native Claims Settlement Act
43 U.S.C. Sec. 1601 et seq., and federal contractual requirements,
UIC and its subsidiaries may legally grant certain preference in
employment opportunities to UIC Shareholders and their Descendants,
based on the provisions contained within The Alaska Native Claims
Settlement Act.
All candidates must apply online at www.uicalaska.com, and submit a
completed application for all positions they wish to be considered.
Once the employment application has been completed and submitted,
any changes to the application after submission may not be
reviewed. Please contact a UIC HR Recruiter if you have made a
significant change to your application. In accordance with the
Americans with Disabilities Act of 1990 (ADA), persons unable to
complete an online application should contact UIC Human Resources
for assistance (https://uicalaska.com/careers/recruitment/).
UIC Government Services (UICGS / Bowhead) provides innovative
business solutions to federal and commercial customers in the areas
of engineering, maintenance services, information technology,
program support, logistics/base support, and procurement.
Collectively, the fast-growing Bowhead Family of Companies offers a
breadth of services which are performed with a focus on quality
results. Headquartered in Springfield, VA, we are a fast-growing,
multi-million-dollar corporation recognized as one of the top 25
8(a) companies for government contracting.
Bowhead offers competitive benefits including medical, dental,
vision, life insurance, accidental death and dismemberment,
short/long-term disability, and 401(k) retirement plans as well as
paid time off programs for eligible full-time employees. Eligible
part-time employees are able to participate in the 401(k)
retirement plans and state or contract required paid time off
programs.
Link to Apply:
https://rn21.ultipro.com/UKP1001/jobboard/NewCandidateExt.aspx?__JobID=26660