Watch Floor Cybersecurity Analyst - SME

Job Location: Huntsville, AL - USA

Monthly Salary: Not Disclosed

Vacancy: 1

Job Description

TMC Technologies is in search of an SME-level Cybersecurity Analyst to join the FBI's ESOC Watch Floor Operations Team, playing a crucial role in the FBI's cybersecurity defense strategy. Operating around the clock, 24/7, 365 days a year, this dynamic team ensures the timely detection and resolution of potential security incidents, thereby minimizing the impact of cyber threats on the organization. The watch floor team is responsible for actively detecting, monitoring, preventing, and analyzing real-time cybersecurity information, events, and threats. The candidate must be a US citizen and possess a minimum of an active Top Secret clearance with Sensitive Compartmented Information (SCI) eligibility to start, due to federal contract requirements. This position is in support of a contract bid opportunity with expected award in mid-June 2025.

The Watch Floor Cybersecurity Analyst (SME) will have the following responsibilities:

Conduct continuous monitoring of security alerts and events from various sources, such as security tools, logs, and sensors.
Analyze the data to identify potential security incidents or anomalies.
Detect and identify security incidents and breaches in real time or near-real-time.
Utilize security information and event management (SIEM) systems to correlate data and detect patterns indicative of malicious activity.
Prioritize and triage security alerts based on their severity and potential impact.
Determine whether an alert requires immediate attention and response.
Initiate incident response procedures for confirmed security incidents.
Coordinate and collaborate with incident response teams to contain, eradicate, and recover from security breaches.
Communicate with relevant stakeholders, including IT teams, management, and external partners.
Collaborate with different teams to share information and coordinate response efforts.
Integrate threat intelligence feeds to enhance the Security Operations Center's (SOC) understanding of current and emerging threats.
Leverage threat intelligence to defend against potential attacks proactively.
Generate reports on security incidents, including their nature, scope, and impact, and disseminate them upon approval for release.
Possess in-depth knowledge of cybersecurity principles, practices, and frameworks, including Incident Response Frameworks, Executive Orders and National Cybersecurity Strategies, CIS Controls, ISO/IEC 27001, the NIST Cybersecurity Framework, and the Federal Information Security Management Act (FISMA), to guide SOC operations.
Exhibit comprehensive familiarity with various security technologies, including firewalls, IDS/IPS, endpoint protection, and advanced threat detection tools.
Possess expert knowledge of network protocols, operating systems, and application security to effectively analyze and respond to emerging threats.
Maintain a robust understanding of current and emerging cybersecurity threats, vulnerabilities, and trends, leveraging this knowledge to inform proactive defense strategies.
Have significant experience managing and responding to security incidents, including expertise in incident response frameworks, methodologies, and best practices.
Demonstrate thorough knowledge of compliance requirements and regulations relevant to cybersecurity, such as GDPR, HIPAA, and PCI DSS, ensuring adherence to industry standards.
Possess familiarity with various threat intelligence sources and the ability to integrate and operationalize threat intelligence within security operations.
Have a strong understanding of security awareness training techniques, effectively educating staff on best practices and threat awareness.
Exhibit a commitment to ethical conduct and to maintaining the confidentiality, integrity, and availability of organizational data.
Understand the principles of risk management and vulnerability assessment to identify and mitigate potential security risks effectively.
Have extensive experience in conducting digital forensics and malware analysis, taking a lead role in investigations of complex security incidents.
Requirements

US citizenship and an active Top Secret clearance with SCI eligibility required
Minimum of 10 years of relevant experience required
Experience with scripting languages (Python, PowerShell, etc.) required
Bachelor's degree preferred
Experience with security information and event management (SIEM) systems required
Splunk Enterprise Security Certification required
Preferred certifications include:
GIAC Continuous Monitoring Certification (GMON)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Network Forensic Analyst (GNFA)
GIAC Cloud Threat Detection (GCTD)
GIAC Cloud Forensics Responder (GCFR)
Microsoft Sentinel
Required Experience: Manager

Employment Type: Full-Time
