International Executive Service Corps
Cyber Defense Analyst
International Executive Service Corps, Oak Ridge, Tennessee, United States, 37830
Location:
Oak Ridge, TNDuration : 1 year with a 1 year optionWork Location : Y-12 National Security Complex (a combination of on-site at Y-12 and off-site telework)Clearance : An active DOE Q Clerance is required Q or equivalent active clearance that can reciprocate as Q such as a Top Secret (TS) Clearance
KeyLogic has an opening for a Cyber Defense Analyst for the Y-12 National Security Complex in Oak Ridge, TN. This position is responsible for using data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan
Knowledge, Skillset, and Abilities (KSAs)
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources; develop content for cyber defense tools
Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack; perform cyber defense trend analysis and reporting
Provide daily summary reports of network events and activity relevant to cyber defense practices
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
Use cyber defense tools for continual monitoring and analysis of system activity to identify potential malicious activity
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information
Identify applications and operating systems of a network device based on network traffic
Reconstruct a malicious attack or an activity utilizing network traffic
Education : An Associates degree in a technical field and 10-15 years experience, a Bachelors degree in a technical field and 5-10 years of related experience, or a Masters degree in a technical field with 2-5 years experience.
#J-18808-Ljbffr
Oak Ridge, TNDuration : 1 year with a 1 year optionWork Location : Y-12 National Security Complex (a combination of on-site at Y-12 and off-site telework)Clearance : An active DOE Q Clerance is required Q or equivalent active clearance that can reciprocate as Q such as a Top Secret (TS) Clearance
KeyLogic has an opening for a Cyber Defense Analyst for the Y-12 National Security Complex in Oak Ridge, TN. This position is responsible for using data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan
Knowledge, Skillset, and Abilities (KSAs)
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources; develop content for cyber defense tools
Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack; perform cyber defense trend analysis and reporting
Provide daily summary reports of network events and activity relevant to cyber defense practices
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
Use cyber defense tools for continual monitoring and analysis of system activity to identify potential malicious activity
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information
Identify applications and operating systems of a network device based on network traffic
Reconstruct a malicious attack or an activity utilizing network traffic
Education : An Associates degree in a technical field and 10-15 years experience, a Bachelors degree in a technical field and 5-10 years of related experience, or a Masters degree in a technical field with 2-5 years experience.
#J-18808-Ljbffr