Mid-Career Cyber Defense Specialist, TSSCI with Poly

Arlington, TX - USA

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Position:Cyber Defense Specialist Mid-Career
Clearance:Active Top Secret/SCI with a CI polygraph is required.
Location:Northern VA and Fort Meade
Employment Type:Full time onsite contract

Position summary

We are seeking an experienced Cyber Defense Specialist with prior USCYBERCOM experience to join our team. Experience with Security Operations Centers (SOC) and or Defensive Cyber Operations (DCO) teams is what we are looking for. The ideal candidate will leverage their deep understanding of military cyberspace operations to perform advanced threat analysis lead incident response efforts and proactively hunt for threats. This role requires a high degree of technical expertise analytical skills and the ability to work collaboratively in a fast-paced high-stakes environment.

Key responsibilities

Incident response and analysis:Lead in-depth investigations into security incidents correlating data from multiple sources to understand the scope and impact of attacks.
Threat hunting:Proactively search for and identify undiscovered threats within the network by using threat intelligence and advanced analytics inSplunk.
DCO tactics and procedures:Apply hands-on experience with military DCO tactics techniques and procedures (TTPs) to protect and defend critical network infrastructure.
Splunk administration and analysis:Use Splunk for data ingestion real-time searching and visualization to gain insights from logs and events. Build dashboards reports and alerts to support security monitoring and incident response.
Endpoint security:Leverage and integrate modern Endpoint Detection and Response (EDR) tools to monitor detect and respond to threats on individual host systems. Manage endpoint security policies and analyze alerts from endpoint agents.
Threat intelligence:Analyze and integrate threat intelligence feeds including those from DoD sources and platforms to stay current on adversary TTPs and emerging cyber threats.
Reporting and documentation:Document incident timelines analysis findings and remediation actions for senior leadership and stakeholders. Develop briefings for both technical and non-technical audiences.
Operational planning support:Provide subject matter expertise to influence and support defensive cyber strategies and operational planning efforts.
Mentorship and guidance:Act as a mentor for junior analysts helping to refine their investigative and analytical skills.

Required qualifications

Education:Bachelors degree in computer science Cybersecurity Information Technology or a related field. Relevant experience may be substituted for a degree.
Experience:

5 years of hands-on experience in a Security Operations Center (SOC) or a DCO role.
Proven experience working with military cyber operations specifically within USCYBERCOM or a service-component cyber command.
Demonstrated experience with incident response malware analysis and digital forensics.

Technical skills:

Extensive knowledge of network protocols (TCP/IP) operating systems (Windows Linux) and cloud security principles.
Proficiency withSplunkfor security analysis alert creation and dashboard generation.
Hands-on experience with endpoint security tools. Experience with modern end point detection and response (EDR) solutions is highly desirable.
Proficiency with other security tools such as IDS/IPS and packet analysis tools (e.g. Wireshark).
Working knowledge of scripting languages like Python or PowerShell for automation and data analysis.

Soft skills:

Strong critical thinking and problem-solving abilities.
Excellent communication and report-writing skills with the ability to articulate complex security issues clearly.
The ability to work both independently and collaboratively in a team environment.

Desired qualifications

Certifications:Professional certifications such as GMON GCIH GSOC GSE and other GIAC certifications are highly desirable.

Blue Sky Innovators Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex race color religion national origin disability protected Veteran status age or any other characteristic protected by law. If you are a qualified job seeker with a disability or a disabled veteran you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accommodation please email us at and provide your name and contact information. Please note: this is only for job seekers with disabilities requesting an accommodation.

Required Experience:

Position:Cyber Defense Specialist Mid-CareerClearance:Active Top Secret/SCI with a CI polygraph is required.Location:Northern VA and Fort MeadeEmployment Type:Full time onsite contractPosition summaryWe are seeking an experienced Cyber Defense Specialist with prior USCYBERCOM experience to join our ...

Position summary

Key responsibilities

Incident response and analysis:Lead in-depth investigations into security incidents correlating data from multiple sources to understand the scope and impact of attacks.
Threat hunting:Proactively search for and identify undiscovered threats within the network by using threat intelligence and advanced analytics inSplunk.
DCO tactics and procedures:Apply hands-on experience with military DCO tactics techniques and procedures (TTPs) to protect and defend critical network infrastructure.
Splunk administration and analysis:Use Splunk for data ingestion real-time searching and visualization to gain insights from logs and events. Build dashboards reports and alerts to support security monitoring and incident response.
Endpoint security:Leverage and integrate modern Endpoint Detection and Response (EDR) tools to monitor detect and respond to threats on individual host systems. Manage endpoint security policies and analyze alerts from endpoint agents.
Threat intelligence:Analyze and integrate threat intelligence feeds including those from DoD sources and platforms to stay current on adversary TTPs and emerging cyber threats.
Reporting and documentation:Document incident timelines analysis findings and remediation actions for senior leadership and stakeholders. Develop briefings for both technical and non-technical audiences.
Operational planning support:Provide subject matter expertise to influence and support defensive cyber strategies and operational planning efforts.
Mentorship and guidance:Act as a mentor for junior analysts helping to refine their investigative and analytical skills.

Required qualifications

Education:Bachelors degree in computer science Cybersecurity Information Technology or a related field. Relevant experience may be substituted for a degree.
Experience:

5 years of hands-on experience in a Security Operations Center (SOC) or a DCO role.
Proven experience working with military cyber operations specifically within USCYBERCOM or a service-component cyber command.
Demonstrated experience with incident response malware analysis and digital forensics.

Technical skills:

Extensive knowledge of network protocols (TCP/IP) operating systems (Windows Linux) and cloud security principles.
Proficiency withSplunkfor security analysis alert creation and dashboard generation.
Hands-on experience with endpoint security tools. Experience with modern end point detection and response (EDR) solutions is highly desirable.
Proficiency with other security tools such as IDS/IPS and packet analysis tools (e.g. Wireshark).
Working knowledge of scripting languages like Python or PowerShell for automation and data analysis.

Soft skills:

Strong critical thinking and problem-solving abilities.
Excellent communication and report-writing skills with the ability to articulate complex security issues clearly.
The ability to work both independently and collaboratively in a team environment.

Desired qualifications