Cyber Defense Analyst - Senior at ECS Federal (ecstech.com)
ECS Federal (ecstech.com) · Washington, United States Of America · Onsite
- Senior
- Office in Washington
ECS is seeking a Cyber Defense Analyst - Senior to work in our Washington, DC office.
ECS Federal is a rapidly growing information security and information technology company in Washington, DC. We are looking to hire a Senior Cyber Defense Analyst to support a full range of cyber security services on a long-term contract in Washington DC. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.
Job Requirements:
- Strong written and verbal communication skills with excellent attention to detail
- Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
- Ability to conduct independent analysis with minimal assistance on events generated by SIEM and individual security tools.
- Ability to create custom detection rules to query log data for indicators of compromise.
- Experience conducting security event analysis from beginning to end and determining root cause.
- Experience creating and reviewing standard operating procedures with minimal supervision and oversight.
- Ability to mentor junior personnel and provide guidance on analysis that may exceed the capabilities of junior analysts.
- Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
- Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- Knowledge of incident response and handling methodologies.
- Knowledge of incident categories, incident responses, and timelines for responses.
- Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
- Experience with system administration, network, and operating system hardening techniques.
- Knowledge of cyber defense and information security policies, procedures, and regulations.
- Knowledge of the common attack vectors on the network layer.
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
- In-depth understanding of cyber attackers (e.g., script kiddies, insider threats, non-nation-state sponsored, and nation-state sponsored actors).
- Knowledge of various types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).
- Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip).
- Develop content for cyber defense tools.
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
- Coordinate with enterprise-wide cyber defense staff to validate network alerts.
- Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
- Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
- Perform cyber defense trend analysis and reporting.
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
- Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
- Identify and analyze anomalies in network traffic using metadata.
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.
*6+ years of relevant work experience required*
Salary Range: $107,000 - $124,000