Description
Description
SAIC is seeking a Network Threat Analyst to join our team and support MARFORCYBER's CCSSIII program. The ideal candidate will have demonstrated experience within a network or security operations center, identifying analyzing and reporting on threats and vulnerabilities.
This position is onsite at Fort Meade, MD.
Key Responsibilities:
Correlating data from multiple sources, including host, network, user, and intelligence reports to uncover threats.
Collection, aggregation, and interpretation of log data from various sources. Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems to include fine-tuning security rule sets for tools such as Suricata, Snort, Yara, and Sigma.
Deep packet inspection and identification of malicious traffic using packet analysis tools, such as Wireshark or Network Miner.
Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies.
Provide input into DCO mission products such as pre-mission planning briefs, situation reports, post mission documentation, after action reports and lessons learned at the conclusion of events such as operations, exercises, and training.
Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government provided solutions.
Qualifications
Typical Education and Experience:
- Bachelor's degree or higher in Computer Science, Software Engineering, or Computer Engineering from an accredited college or university and 6 years of experience in the degree fields.
- OR Global Information Assurance Certification (GIAC), Certified Forensics Analyst (GCFA) Certification or GIAC, Certified Intrusion Analyst (GCIA) Certification with 10 years of experience in both Host analysis and Network analysis.
- OR 12 years of experience as a Threat Analyst with experience in both Host analysis and Network analysis.
- OR 12 years of experience in Offensive Cyber Operations as an Interactive Operator on-Network (ION) or Exploitation Analyst (EA).
Required Skills
2 years of experience as an instructor in threat analysis or 3 years of experience in a leadership position, with 4 or more direct reports, in an organization such as a Security Operations Center, a Cyber Emergency Response Team, a Cyber Protection Team/Blue Team or a Red Team/Cyber Mission Team.
Demonstrated experience training and developing subordinates on foundational areas such as network and host analysis, JQR, Mission qualification, and KSA's related to their assigned work role.
Knowledge and working experience with Suricata, Snort, Yara, and Sigma, Elastic, Splunk, Sentinel, and other open source or government provided solutions.
IAT Level III certification
Required Clearance:
- TS/SCI with polygraph is required. Polygraph MUST be dated within the last five years.
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Apply on company website
Find Connections via Linkedin
