CLEARED Cyber Security Analyst

Job Title: CLEARED Cyber Security AnalystLocation: Oak Ridge, TN @ Y12Position Type: Hybrid 1 Week Per QUARTER On SiteKnowledge, Skillset, and Abilities (KSAs) Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.1.Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources; develop content for cyber defense tools2.Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment3.Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack; perform cyber defense trend analysis and reporting4. Provide daily summary reports of network events and activity relevant to cyber defense practices5. Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts6.Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities7. Use cyber defense tools for continual monitoring and analysis of system activity to identify potential malicious activity8. Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information9. Identify applications and operating systems of a network device based on network traffic10.Reconstruct a malicious attack or an activity utilizing network traffic11. Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan