Cyber Defense Analyst

Spectra Tech is in need of a Cyber Defense Analyst for a position in Oak Ridge, TN. Job Description: This is a 12 month contract with one option year. This position will work a hybrid schedule (onsite one week per month at Y12 and Telework). The Cyber Defense Analyst has to have at least an active L clearance (Q is preferred). Pantex is looking for levels 4 - 6 CDAs. Knowledge, Skillset, and Abilities (KSAs) - Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. 1. Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources; develop content for cyber defense tools 2. Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment 3. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack; perform cyber defense trend analysis and reporting 4. Provide daily summary reports of network events and activity relevant to cyber defense practices 5. Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts 6. Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities 7. Use cyber defense tools for continual monitoring and analysis of system activity to identify potential malicious activity 8. Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information 9. Identify applications and operating systems of a network device based on network traffic 10. Reconstruct a malicious attack or an activity utilizing network traffic 11. Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan Essential Job Functions: Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan Educational Requirements: Need at least an Associates (10-15 years experience). Experience Level: Minimum PHD -2 to 5 years or more experience, Masters 5 to 10 years or more experience, Bachelors 10 to 15 years or more experience, and Associates 15 to 20 years or more experience