Defensive Cyber Operations Analyst

Dark Wolf Solutions is looking for a Defensive Cyber Operations Analyst who will perform continuous system monitoring to identify malicious cyber-attacks while supporting the containment, and remediation of IT threats. Additionally, this position will monitor networks and applications to identify a possible cyber-attack or intrusion and help coordinate and report on the cyber incident responses.

Key Responsibilities:

• Vulnerability Management actions to include providing recommendations. Implement mitigations.
• Active monitoring of Defensive Cyber Operations (DCO) systems
• Conduct intrusion analysis and correlation of unauthorized activities; provide and implement recommendations to improve customer mitigation processes
• Perform threat insight processes to provide analysis to support mitigation and remediation activities
• Analyze cyber incidents, correlate incident details, and formulate and implement response actions with guidance from leadership
• Participate in Root Cause Analysis process and documentation capturing efforts taken to mitigate unauthorized actions
• Participate in the development of DCO tactics, techniques, and procedures
• Participate in the development of DCO concept of operations, processes, and procedures
• Identify security discrepancies and report and respond to security incidents
• Provide research and analysis in support of expanding programs and areas of responsibility
• Draft documentation for briefings, reports, and informational analyses
• Assist in the development of local Tactics, Techniques, and Procedures (TTPs)
• Participate in customer exercises (after duty hours may be required)
• Adhere to defined policies, master plans and schedules
• Complete all initial and annual training requirements and disclosures as outlined by BSTG
• Perform all other duties as required, consistent with the goals, objectives, and responsibilities of the department

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, or a related field
• Department of Defense Directive (DoDD) 8140 (formerly DoDD 8570) IAT CSSP Certification must be obtained prior to hire (CEH, CCNA Security, GCIH, CySA+ or Equivalent)
• 2+ years of experience with a SIEM Tool (LogRhythm, Splunk)
• 2+ years of experience with employment of DoD cybersecurity requirements, policies, and procedures to include assessment and authorization activities
• Experience within a vSOC, SOC, or CSSP responding to cyber incidents
• Active TS security clearance required; TS/SCI preferred

Desired Qualifications:

• Experience performing cybersecurity activities in support of software and system requirements, design, development, testing, and sustainment
• Experience with HBSS, ACAS, SCAP Compliance Checker (SCC), DISA STIGs
• Working knowledge of NIST 800-53 Security and Privacy Controls
• Experience with RHEL
• Experience in performing post-incident computer forensics without destruction of critical data
• Ability to provide guidance on DoD Cyber regulations and requirements to engineering and software development staff

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.