Powder River Industries LLC

Cyber Defense Analyst

Powder River Industries LLC, Oak Ridge, Tennessee, United States, 37830


Powder River Industries, LLC provides technical services across the entire system development life cycle (SDLC). As a prime we are responsible for complete end-to-end system management for a customer's top secret enterprise mission systems. This includes data center, logistics support, configuration management, COOP, and disaster recovery. As a subcontractor we are providing services in DevSecOps, software development, network administration, systems analysis, database administration, storage engineering, hardware engineering, Tier 1 - Tier 3 support in traditional data center environments (bare metal frames), high performance computing (HPC) centers, cloud, and hybrid cloud. The cloud environments we are operating in today are AWS, Microsoft Azure, and Oracle.

Requirements

- Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within the environment for the purpose of mitigating threats.
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources; develop content for cyber defense tools.
- Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack; perform cyber defense trend analysis and reporting.
- Provide daily summary reports of network events and activity relevant to cyber defense practices.
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activity.
- Use cyber defense tools for continual monitoring and analysis of system activity to identify potential malicious activity.
- Analyze identified malicious activity to determine the weaknesses exploited, the exploitation methods used, and the effects on systems and information.
- Identify the applications and operating systems of a network device based on its network traffic.
- Reconstruct a malicious attack or activity using network traffic.

Non-Negotiable Requirements:

1. Q or Top Secret with investigation current within the last 5 years

2. On-site, no remote

3. Travel required: one week, once per quarter.

Technical Environment:

Microsoft, Linux, Splunk, Ansible, Tenable, GEMS

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.