Salary Not Disclosed
1 Vacancy
TMC Technologies is in search of an SME-level Cybersecurity Analyst to join the FBI's ESOC Watch Floor Operations Team, playing a crucial role in the FBI's cybersecurity defense strategy. Operating around the clock, 24/7, 365 days a year, this dynamic team ensures the timely detection and resolution of potential security incidents, thereby minimizing the impact of cyber threats on the organization. The watch floor team is responsible for actively detecting, monitoring, preventing, and analyzing real-time cybersecurity information, events, and threats. The candidate must be a US citizen and possess a minimum of an active Top Secret clearance with Sensitive Compartmented Information (SCI) eligibility to start, due to federal contract requirements. This position is in support of a contract bid opportunity with expected award in mid-June 2025.
The Watch Floor Cybersecurity Analyst SME will have the following responsibilities:
Conduct continuous monitoring of security alerts and events from various sources, such as security tools, logs, and sensors.
Analyze the data to identify potential security incidents or anomalies.
Detect and identify security incidents and breaches in real time or near-real time.
Utilize security information and event management (SIEM) systems to correlate data and detect patterns indicative of malicious activity.
Prioritize and triage security alerts based on their severity and potential impact.
Determine whether an alert requires immediate attention and response.
Initiate incident response procedures for confirmed security incidents.
Coordinate and collaborate with incident response teams to contain, eradicate, and recover from security breaches.
Communicate with relevant stakeholders, including IT teams, management, and external partners.
Collaborate with different teams to share information and coordinate response efforts.
Integrate threat intelligence feeds to enhance the Security Operations Center's (SOC) understanding of current and emerging threats.
Leverage threat intelligence to defend against potential attacks proactively.
Generate reports on security incidents, including their nature, scope, and impact, and disseminate them upon approval for release.
Possess in-depth knowledge of cybersecurity principles, practices, and frameworks, including Incident Response Frameworks, Executive Orders and National Cybersecurity Strategies, CIS Controls, ISO/IEC 27001, the NIST Cybersecurity Framework, and the Federal Information Security Management Act (FISMA), to guide SOC operations.
Exhibit comprehensive familiarity with various security technologies, including firewalls, IDS/IPS, endpoint protection, and advanced threat detection tools.
Possess expert knowledge of network protocols, operating systems, and application security to effectively analyze and respond to emerging threats.
Maintain a robust understanding of current and emerging cybersecurity threats, vulnerabilities, and trends, leveraging this knowledge to inform proactive defense strategies.
Have significant experience managing and responding to security incidents, including expertise in incident response frameworks, methodologies, and best practices.
Demonstrate thorough knowledge of compliance requirements and regulations relevant to cybersecurity, such as GDPR, HIPAA, and PCI DSS, ensuring adherence to industry standards.
Possess familiarity with various threat intelligence sources and the ability to integrate and operationalize threat intelligence within security operations.
Have a strong understanding of security awareness training techniques, effectively educating staff on best practices and threat awareness.
Exhibit a commitment to ethical conduct and to maintaining the confidentiality, integrity, and availability of organizational data.
Understand the principles of risk management and vulnerability assessment to identify and mitigate potential security risks effectively.
Have extensive experience in conducting digital forensics and malware analysis, taking a lead role in investigations of complex security incidents.
US citizenship and an active Top Secret clearance with SCI eligibility required
Minimum of 10 years of relevant experience required
Experience with scripting languages (Python, PowerShell, etc.) required
Bachelor's degree preferred
Experience with security information and event management (SIEM) systems required
Splunk Enterprise Security Certification required
Preferred certifications include:
GIAC Continuous Monitoring Certification (GMON)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Network Forensic Analyst (GNFA)
GIAC Cloud Threat Detection (GCTD)
GIAC Cloud Forensics Responder (GCFR)
Microsoft Sentinel
Required Experience:
Manager
Full-Time