Senior Cyber Security Associate
$120,000 - $127,000/Yr
GovCIO - Illinois City, IL
posted 2 months ago
Full-time - Mid Level
Illinois City, IL
About the position
GovCIO is seeking a Cyber Operator (CPT) to execute, hunt, and clear missions in a cybersecurity environment. This role involves analyzing cyber threats, providing assessments, and supporting incident response efforts. The position is located in Shiloh Valley Township, IL, and is strictly onsite. The Cyber Operator will collaborate with various teams to enhance the security posture of clients and will be responsible for conducting intelligence analysis and forensic investigations.
Responsibilities
- Correlates threat data from various sources to establish the identity and modus operandi of hackers active in client's networks.
- Provides assessments and reports to facilitate situational awareness of current cyber threats.
- Develops cyber threat profiles based on geographic region, country, group, or individual actors.
- Produces cyber threat assessments based on entity threat analysis.
- May provide computer forensic and intrusion support to high technology investigations.
- Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities.
- Collaborates with intrusion analysts to identify and coordinate remediation of cyber threats.
- Provides timely and actionable sanitized intelligence to cyber incident response professionals.
- Conducts intelligence analysis to assess intrusion signatures and tactics associated with cyber-attacks.
- Researches hackers, techniques, vulnerabilities, and provides detailed briefings to leadership.
- Serves on a Cyber Protection Team (CPT) in a Cyber Security Host Analyst position.
- Conducts cyber threat hunting, network navigation, and tactical forensic analysis.
- Provides support for persistent monitoring of designated enclaves and systems.
- Interprets, analyzes, and documents findings in reports according to computer network directives.
- Manages and executes first-level responses to reported or detected incidents.
Requirements
- High School diploma with 9+ years of relevant experience or commensurate experience.
- TS/SCI clearance eligibility; Top Secret with the ability for SCI nomination.
- DoD 8570 IAT Level III certification (current).
- CompTIA Advanced Security Practitioner+ Continuing Education (CASP+ CE), Cisco Certified Network Professional (CCNP) Security, Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) (or Associate), GIAC Certified Enterprise Defender (GCED), GIAC Certified Incident Handler (GCIH), or Certified Cloud Security Professional (CCSP).
- General knowledge of physical computer components and architectures, including basic programming concepts and networking protocols.
- Strong knowledge of Windows Fundamentals and/or UNIX/Linux fundamentals, and adversary Tactics, Techniques, and Procedures (TTPs).
- Proficient in writing, editing, and executing scripts on Windows and UNIX/Linux systems.
- Experience with toolsets such as the Elastic Stack, Arkime, Zeek, Wireshark, Metasploit, tcpdump, NMap, Nessus, Snort, EnCase, and Forensic Toolkit.
- General knowledge of cyber security frameworks, such as the Cyber Kill Chain, MITRE ATT&CK, and the NIST 800 series.
- Proficient in collecting and analyzing digital data, recording detailed notes, and documenting findings.
Nice-to-haves
- Host - Operating system certification (ie, Linux+, Windows Server, GCIH, etc.).
- Knowledge of virtualization concepts and tools, such as VMware/Virtual Box, Docker, Kubernetes, and Ceph.
- Familiarity with Cloud Computing concepts and tools, such as AWS, Azure, and Google Cloud.
- Experience programming in C, C++, C#, Ruby, Perl, Python, SQL.
Benefits
- Competitive salary range of USD $120,000.00 - USD $127,000.00/Yr.
- Opportunities for continuing education and professional development.
- Health insurance and other standard benefits.
