VetJobs - The Leading Military Job Board

Job Information

Computer World Services (CWS) Corporation Senior Threat Analyst - 4123/3126/20721-5652 in Sierra Vista, Arizona

This job was posted by https://www.azjobconnection.gov. For more information, please see: https://www.azjobconnection.gov/jobs/6452525

Job Description

Computer World Services, Corporation (CWS) is seeking an exceptional candidate to serve as Cyber Threat Analyst for the US Army Regional Cyber Center - Continental United States (RCC-CONUS) program responsible for performing non-personal Information Technology (IT) Services and support requirements. RCC-CONUS is responsible for operating, managing, and defending the Army's NIPRNet and Secure Internet Protocol Router Network (SIPRNet) CONUS portion of the GIG, and the NIPRNet and SIPRNet DoDIN-A. The RCC-CONUS functions as part of a larger joint environment, responding to the Theater Combatant Commanders, the ARCYBER, and the Army Cyber Command's Army Cyberspace Operations and Integration Center (ACOIC), which operates the GIG in support of Department of Defense (DoD) operations around the world. Services include Network and System Modernization, Cyber Defensive Operations, Defensive Cyber Assessments, Defensive Cyber Infrastructure Support, Threat & Data Analytics, DoDIN Operation Support, Network Management, Systems Management, IT Lifecycle Management, IT Service Management (ITSM), Portfolio/IT Investment Management, and Theater Operations and Service Desk support.

The candidate will leverage skills and expertise by determining system vulnerabilities, monitoring and assessing potential threats, and ensuring a network meets security qualifications. The candidate will monitor the cybersecurity program by gathering technical and tactical information, performing digital forensics, conducting all-source analysis, and posing counteractions to protect intelligence.

Key Tasks and Responsibilities

Responsible for providing a Cyber Threat Awareness Report on network threats/trends to the theater.

Produce informational reports for the CONUS Theater stakeholders to address evolving cyber threats/trends in order to increase situational awareness and affect positive changes to the defensive posture of the CONUS Army networks.

Perform analysis of specific Information Assurance Vulnerability Alert (IAVA) and Common Vulnerabilities and Exposures (CVE) vulnerabilities as assigned by RCC-CONUS leadership and provide a detailed risk assessment as well as recommended mitigation actions.

Provide risk assessment with recommended mitigation.

Conduct cyber threat analysis and hunting utilizing proactive and iterative approaches to search all supported networks to detect and isolate advanced threats that may evade existing security solutions.

Ability to devise modeling and measuring techniques; utilizes mathematics, statistical methods, engineering methods, operational mathematics techniques (linear programming, game theory, probability theory, symbolic language, etc.), and other principles and laws of scientific and economic disciplines.

Ability to demonstrate a complete understanding and wide application of technical principles, theories, and concepts within the Cyber Research field and provide consultation to technical solutions over a wide range of complex difficult problems in which proposed solutions are imaginative, thorough, practicable, and consistent with organization objectives. Professionally certified as Technical Level III as defined by DODI 8570 is a requirement.

Examine threat intelligence from DoD and public sources to identify threats that are relevant within the AOR.

Responsible for utilizing the information collected from research and cyber hunt missions to provide recommendations and operational impact assessments of tasked domains to increase the likelihood of identifying advanced intruders and malicious software in supported networks.

Conduct cyber hunt missions that include, but are not limited to, examining information systems, network devices, and endpoints for indicators of compromise and network activity via a plethora of network artifacts including but not limited to network flow, packet analysis, network device logs, etc.

Consolidate research and results of the cyber hunt missions and produce a Threat Hunt and Analysis report or Operational Impact Assessment IAW TE 3 Deliverables. Cyber hunt research and mission results shall also be incorporated into PPT missions and shared with RCC-CONUS leadership, subscribers, and stakeholders.

Provide data analysis, to include trend analysis evaluating activity on the Army networks, to identify systemic or potential issues, and include metrics and recommendations to enable the development and deployment of response actions.

Responsible for having sufficient personnel on staff to maintain on-site capability (IAW paragraph 5.3) to work directly with RCC-CONUS Operations personnel to conduct initial triage/cyber incident analysis, to include review of correlated events, system/device logs, and SIEM event data, to determine and recommend/take immediate DCO response actions.

Produce data logs in the conduct of incident analysis and recommend mitigation measures in response to general or specific Advanced Persistent Threats (APT), (attempted exploits/attacks, malware delivery, etc.) on Army networks that include blocking/denying access by hostile sites or restricting access by specific ports/protocols and/or applications.

Provide recommendations t
