Advanced Technologies and Laboratories International
Cyber Defense Analyst
Advanced Technologies and Laboratories International, Oak Ridge, Tennessee, United States, 37830
Cyber Defense Analyst Location US-TN-Oak Ridge Job ID 2024-10867 Overview Advanced Technologies & Laboratories (ATL), a Planned Systems International (PSI) company, is hiring a Cyber Defense Analyst for a position at the Department of Energy (DOE) Y12 plant which is a DOE and National Nuclear Security Administration (NNSA) site in support of the Information Solutions & Services (ISS) and Cybersecurity Program (CSP). This job description reflects the critical role you'll play in maintaining the network infrastructure at Y12. If you're ready to contribute to national security and work in a dynamic environment, we encourage you to apply Essential Functions and Job Responsibilities The Cyber Defense Analyst will play a critical role in our cybersecurity team, responsible for identifying, analyzing, and mitigating cyber threats. The analyst will notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan. Your responsibilities will include: Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources; develop content for cyber defense tools. Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack; perform cyber defense trend analysis and reporting. Provide daily summary reports of network events and activity relevant to cyber defense practices. Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts. Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities. Use cyber defense tools for continual monitoring and analysis of system activity to identify potential malicious activity. Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information. Identify applications and operating systems of a network device based on network traffic. Reconstruct a malicious attack or an activity utilizing network traffic. Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan. Proficient in using data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events for mitigating threats. Strong ability to characterize and analyze network traffic to identify anomalous activity and potential threats. Skilled in documenting and escalating incidents with detailed event history, status, and potential impact. Capable of performing event correlation and cyber defense trend analysis. Experience in providing daily summary reports of network events and activities. Proficient in analyzing network alerts and determining possible causes. Ability to provide timely detection, identification, and alerting of possible attacks/intrusions. Expertise in using cyber defense tools for continual monitoring and analysis. Strong analytical skills to determine weaknesses exploited, exploitation methods, and effects on systems and information. Ability to identify applications and operating systems of network devices based on network traffic. Skilled in reconstructing malicious attacks or activities using network traffic. Minimum Requirements Must have a DOE "L" Clearance. Must have one of the following combinations of education and experience in a technical field (Compensation will be based on education and experience, with technical field experience weighted more heavily than minimum education.): PhD and limited experience or master's degree and 2 to 5 years of related experience or bachelor's degree and 5 to 10 years of related experience or associate's degree and 10 to 15 years of related experience. PhD and 2 to 5 years of related experience or master's degree and 5 to 10 years of related experience or bachelor's degree and 10 to 15 years of related experience or associate's degree and 15 to 20 years of related experience. Recognized as an expert in their field. PhD and 5 or more years of related experience or master's degree and 10 or more years of related experience or bachelor's degree and 15 or more years of related experience or associate's degree and 20 or more years of related experience. Recognized as an expert in their field. This level should be limited to a small population. Company Benefits PSI offers full-time, benefits eligible employees a competitive total compensation package that includes paid leave, and options for employer sponsored group medical, dental, vision, short-term and long-term disability, life insurance, AD&D coverage, legal services, identity theft, and accident insurance. Flexible spending account and health saving account options offer pre-tax savings for qualified medical, dental, and vision expenses. The company sponsored 401(k) retirement plan has an employer contribution match that is immediately vested. We invest in the professional growth of our employees through professional courses, certifications, and tuition reimbursement programs. EEO Commitment It is company policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits, and termination, are made without regard to race, color, religion, age, sex, sexual orientation, pregnancy, gender identity, genetic information, national origin, citizenship status, veteran status, protected veteran status, disability, or any other characteristic protected by applicable federal, state, or local law. Reasonable accommodations for applicants and employees with disabilities will be provided. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources by emailing HRDepartmentplan-sys.com, or by dialing 703-575-8400.