Position: Cyber Threat Analyst – Intermediate

Reports to: Director, Enterprise Services

Location: Ft. Belvoir, Va

Manages: No Direct Reports

 

Crystal Clear Technologies, a Woman Owned Small Business, was founded in 2002 with the primary goal of serving those who serve. The company is built to support the mission critical requirements of our Department of Defense customers.  CCT has been recognized as one of the fastest growing private businesses in America.

Duties and Responsibilities:

  • Identify threats and compromise within client environments through real time analysis of logs and alerts.
  • Analyze all relevant Cyber event data and other data sources for indicators of attack and potential network compromise, produce reports, and assist with incident response.
  • Apply knowledge of computer and network architecture to provide analysis during investigations, identifying adversarial activity and methods for future detection and prevention, including developing IDS/IPS signatures.
  • Use a combination of Open Source research, network, and host forensic analysis, log review and correlation, and PCAP analysis to complete investigations.
  • Manage incident life cycle, ensuring that all investigations kept current and are complete.
  • Operate intrusion prevention systems, intrusion detection systems, other point of presence security tools, and related security operations.
  • Develop comprehensive security write-ups which describe security issues, analysis, and remediation techniques to client leadership.
  • Perform other duties as assigned.

 

 

Skills & Qualifications:

 

  • Minimum 3 years of DoD Network Operations experience
  • Working knowledge and understanding of Security information and event management (SIEM), network analysis, and use of automated tools (ArcSight)
  • S. Computer Science, Information Assurance, Cybersecurity, or other related field
  • Understanding of IT Security concepts to include network design, countermeasures, risk management, operational security and attack techniques
  • Possess Active or Current TS/SCI clearance
  • DoD 8570.01-M IAT Level II or IAM Level II certification (CISSP preferred)
  • Applicable CNDSP Certification (GCIA, GCIH, or CEH)