- Professional
- Office in Fort Meade
SAIC is seeking a Network Threat Analyst to join our team and support MARFORCYBER's CCSSIII program. The ideal candidate will have demonstrated experience within a network or security operations center, identifying analyzing and reporting on threats and vulnerabilities.
This position is onsite at Fort Meade, MD.
Key Responsibilities:
Correlating data from multiple sources, including host, network, user, and intelligence reports to uncover threats.
Collection, aggregation, and interpretation of log data from various sources. Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems to include fine-tuning security rule sets for tools such as Suricata, Snort, Yara, and Sigma.
Deep packet inspection and identification of malicious traffic using packet analysis tools, such as Wireshark or Network Miner.
Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies.
Provide input into DCO mission products such as pre-mission planning briefs, situation reports, post mission documentation, after action reports and lessons learned at the conclusion of events such as operations, exercises, and training.
Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government provided solutions.
Typical Education and Experience:
- Bachelor's degree or higher in Computer Science, Software Engineering, or Computer Engineering from an accredited college or university and 6 years of experience in the degree fields.
- OR Global Information Assurance Certification (GIAC), Certified Forensics Analyst (GCFA) Certification or GIAC, Certified Intrusion Analyst (GCIA) Certification with 10 years of experience in both Host analysis and Network analysis.
- OR 12 years of experience as a Threat Analyst with experience in both Host analysis and Network analysis.
- OR 12 years of experience in Offensive Cyber Operations as an Interactive Operator on-Network (ION) or Exploitation Analyst (EA).
Required Skills
2 years of experience as an instructor in threat analysis or 3 years of experience in a leadership position, with 4 or more direct reports, in an organization such as a Security Operations Center, a Cyber Emergency Response Team, a Cyber Protection Team/Blue Team or a Red Team/Cyber Mission Team.
Demonstrated experience training and developing subordinates on foundational areas such as network and host analysis, JQR, Mission qualification, and KSA’s related to their assigned work role.
Knowledge and working experience with Suricata, Snort, Yara, and Sigma, Elastic, Splunk, Sentinel, and other open source or government provided solutions.
IAT Level III certification
Required Clearance:
- TS/SCI with polygraph is required. Polygraph MUST be dated within the last five years.
*!SAIC accepts applications on an ongoing basis and there is no deadline.
SAIC® is a premier Fortune 500® mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.
We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. Apply Now
