Network Threat Analyst at SAIC

Fort Meade, Florida, United States -

Full Time

Start Date

Immediate

Expiry Date

11 Apr, 26

Salary

0.0

Posted On

11 Jan, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Network Analysis, Threat Analysis, Packet Analysis, Threat Hunting, Intrusion Detection Systems, Log Data Interpretation, Cyber Operations, Security Rule Sets, SIEM Platforms, SOAR Platforms, Suricata, Snort, Yara, Sigma, Elastic, Splunk

Industry

Defense and Space Manufacturing

Description

SAIC is seeking a Network Threat Analyst to join our team and support MARFORCYBER's CCSSIII program. The ideal candidate will have demonstrated experience within a network or security operations center, identifying analyzing and reporting on threats and vulnerabilities. This position is onsite at Fort Meade, MD. Key Responsibilities: Correlating data from multiple sources, including host, network, user, and intelligence reports to uncover threats Collection, aggregation, and interpretation of log data from various sources. Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems to include fine-tuning security rule sets for tools such as Suricata, Snort, Yara, and Sigma Deep packet inspection and identification of malicious traffic using packet analysis tools, such as Wireshark or Network Miner Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies Provide input into DCO mission products such as pre-mission planning briefs, situation reports, post mission documentation, after action reports and lessons learned at the conclusion of events such as operations, exercises, and training Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government provided solutions Typical Education and Experience: Bachelor's degree or higher in Computer Science, Software Engineering, or Computer Engineering from an accredited college or university and 6 years of experience in the degree fields OR Global Information Assurance Certification (GIAC), Certified Forensics Analyst (GCFA) Certification or GIAC, Certified Intrusion Analyst (GCIA) Certification with 10 years of experience in both Host analysis and Network analysis OR 12 years of experience as a Threat Analyst with experience in both Host analysis and Network analysis OR 12 years of experience in Offensive Cyber Operations as an Interactive Operator on-Network (ION) or Exploitation Analyst (EA) Required Skills: 2 years of experience as an instructor in threat analysis or 3 years of experience in a leadership position, with 4 or more direct reports, in an organization such as a Security Operations Center, a Cyber Emergency Response Team, a Cyber Protection Team/Blue Team or a Red Team/Cyber Mission Team Demonstrated experience training and developing subordinates on foundational areas such as network and host analysis, JQR, Mission qualification, and KSA’s related to their assigned work role Knowledge and working experience with Suricata, Snort, Yara, and Sigma, Elastic, Splunk, Sentinel, and other open source or government provided solutions IAT Level III certification Required Clearance: TS/SCI with polygraph is required. Polygraph MUST be dated within the last five years

Responsibilities

The Network Threat Analyst will correlate data from multiple sources to uncover threats and perform deep packet inspection to identify malicious traffic. Additionally, they will provide input into DCO mission products and manage SIEM and SOAR platforms.