Trace Systems - Scott Air Force Base, IL

posted about 2 months ago

Full-time - Mid Level
Scott Air Force Base, IL
Professional, Scientific, and Technical Services

About the position

The Cyber Security Analyst at Trace Systems will be responsible for ensuring the security of the DoD network at Scott AFB, IL. This role involves analyzing cyber threats, managing security devices, conducting audits, and reporting findings to USCYBERCOM. The analyst will work on-site and must possess a Top Secret clearance due to the sensitive nature of the work.

Responsibilities

  • Conduct cyber threat analysis on the DoD network.
  • Perform network traffic analysis using packet capture programs.
  • Conduct routine security audits for compliance.
  • Respond to alerts and identify malicious threats on the DoD network.
  • Upgrade network sensors and Security Information and Event Management systems as new threats are discovered.
  • Manage Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) devices.
  • Manage firewalls.
  • Report findings to USCYBERCOM for review.

Requirements

  • Active, in-scope US Government issued Top Secret clearance.
  • US Citizenship is required due to the nature of the work.
  • 2+ years of Cyber Security or Information Assurance related experience.
  • Current DoD 8570 IAT Level II certification (Security+, CCNA-Security, CySA+, etc.).
  • Knowledge of the life cycle of network threats, attacks, and attack vectors.
  • Understanding of methods of exploitation and intrusion set tactics, techniques, and procedures (TTPs).
  • Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
  • Hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations.
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
  • Experience and proficiency with Anti-Virus, HIPS, ID/PS, Full Packet Capture software, Host-Based Forensics, or Network Forensics.
  • Experience with malware analysis concepts and methods.
  • Unix/Linux command line experience.
  • Scripting and programming experience.
  • Strong written and verbal communication skills, with the ability to create complex technical reports on analytic findings.
  • Willingness to perform shift work.

Nice-to-haves

  • Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP, CASP and/or SIEM-specific training and certification.
  • Demonstrated commitment to training, self-study, and maintaining proficiency in the technical cyber security domain.