Crystal Management - Reston, VA

posted 4 months ago

Full-time - Mid Level
Remote - Reston, VA
Professional, Scientific, and Technical Services

About the position

CMIT is seeking a motivated, career and team-oriented cybersecurity data engineer in support of the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Continuous Diagnostic & Mitigation (CDM) Data Services Program. The CDM Data Services Program is a critical component of CISA's national effort to ensure the defense and resilience of cyberspace. The mission of the CDM Data Services Program is to provide a standardized platform to collect, transform, and integrate cybersecurity data from relevant authoritative data sources into a coherent data set, delivering actionable information into Agency and Federal Dashboards to identify risk areas in support of mitigation as well as to facilitate coordinated agency and national response to cyber-threats.

As a Journeyman NOSC Operations Analyst, you will play a key role in ensuring the availability, integrity, and confidentiality of critical government systems and networks through network operations and security monitoring activities. This position involves conducting real-time monitoring of network traffic within the NOSC to identify potential security events or incidents, performing in-depth analysis of logs and alerts, and leading incident response efforts by coordinating with internal teams and external stakeholders. You will also develop and execute containment, eradication, and recovery strategies to mitigate the impact of security incidents, monitor the availability and performance of applications and infrastructure systems, and provide Tier 2 support for complex technical issues. In addition, you will be responsible for conducting advanced analysis of security events, investigating potential advanced persistent threats (APTs), and developing security monitoring use cases to improve detection capabilities.

Effective communication with stakeholders, preparing comprehensive incident reports, and contributing to the enhancement of security monitoring processes are also key aspects of this role. This is a remote position where the candidate can work from any location within the United States, provided they are able to work on an Eastern time zone schedule.

Responsibilities

  • Conduct real-time monitoring of network traffic within the NOSC to identify potential security events or incidents.
  • Perform in-depth analysis of logs and alerts, leveraging security tools (e.g., SIEM, IDS/IPS) to investigate and respond to security events.
  • Lead incident response efforts by coordinating with internal teams, external stakeholders, and senior analysts.
  • Develop and execute containment, eradication, and recovery strategies to mitigate the impact of security incidents.
  • Monitor the availability, performance, and integrity of applications, network connections, and infrastructure systems.
  • Proactively identify and resolve operational issues, conducting root cause analysis and implementing appropriate remediation measures.
  • Provide Tier 2 support, serving as an escalation point for complex technical issues and collaborating with Tier 1 help desk support.
  • Conduct advanced analysis of security events and alerts, utilizing threat intelligence and industry best practices to uncover sophisticated threats.
  • Investigate and respond to potential advanced persistent threats (APTs), targeted attacks, and insider threats.
  • Develop and optimize security monitoring use cases, rules, and signatures to improve detection capabilities.
  • Collaborate with cross-functional teams to gather information, share insights, and ensure incidents and events are appropriately documented.
  • Prepare comprehensive incident reports, including incident timelines, root cause analysis, and recommendations for proactive security improvements.
  • Communicate effectively with internal and external stakeholders, providing updates on incidents, investigations, and mitigation efforts.
  • Contribute to the enhancement of security monitoring processes and procedures, developing and implementing efficient workflows.
  • Assist in the development and maintenance of standard operating procedures (SOPs) and guidelines for NOSC operations.
  • Stay abreast of emerging cyber threats, security technologies, and industry trends to drive continuous improvement and innovation.

Requirements

  • Bachelor's degree in Computer Science, Information Systems, or a related field (relevant experience may substitute for a degree) required.
  • A security certification such as CompTIA Security+ required.
  • In-depth knowledge of network protocols, infrastructure, and security best practices.
  • Extensive experience in network security monitoring and incident response, including analysis of logs, alerts, and network traffic.
  • Proficiency with security monitoring tools (e.g., SIEM, IDS/IPS), threat intelligence platforms, and malware analysis tools.
  • Strong technical troubleshooting skills and experience with operations support, including application availability and network connectivity.
  • Demonstrated understanding of advanced threats, APTs, and insider threats.
  • Excellent analytical and problem-solving abilities with a focus on continual improvement.
  • Effective written and verbal communication skills, including the ability to convey complex technical information to both technical and non-technical audiences.
  • Effective collaboration skills, with proven experience working in multidisciplinary teams.
  • Flexibility to work rotating shifts, weekends, and occasional on-call duties as needed.
  • Experience with ticketing software.
  • Hands-on experience with Azure or AWS.

Nice-to-haves

  • Experience with cloud security practices and tools.
  • Knowledge of compliance frameworks such as NIST, FISMA, or RMF.

Benefits

  • Medical / Rx
  • HSA / FSA
  • Dental & Vision
  • Life / AD&D
  • Long & Short Disability
  • Disability Insurance
  • Accident Insurance
  • Critical Illness
  • Hospital Insurance
  • Pet Benefits
  • Education/Training Program
  • 401k Retirement
  • Generous Paid Time Off
  • Flexible Parental Leave
  • Volunteer Time Off
  • Flexible Work Locations
  • Alternative Work Schedules
© 2024 Teal Labs, Inc