By Light Professional IT Services
Cyber Countermeasures Engineer
By Light Professional IT Services, Scott Air Force Base, Illinois, United States
Job Locations: US-IL-Scott AFB
ID: 2024-9940
# of Openings: 1
Category: Cyber
Clearance: Tier 3 - Secret/ADP II
Company Overview
By Light is seeking a Cyber Countermeasures Engineer whose primary duty location is DISA Global Field Command (DGFC), Scott AFB, IL.

Responsibilities
- Provide direct mission support to government customers at Scott AFB, IL.
- Serve as the cyber countermeasure Subject Matter Expert for a new cyber capability.
- Work directly with customer and commercial vendor cyber fusion/threat analyst teams to develop effective countermeasures addressing a wide range of priority and/or emerging cyber threats.
- Ensure countermeasures are effective in supporting desired mission outcomes.
- Provide critical integration between customer and commercial vendor teams.
- Analyze signatures (e.g., YARA, Snort) in Cyber Threat Intelligence or DoD orders and assess new capability coverage for these threats.

Required Experience/Qualifications
- 2+ years of experience in a cyber analyst role
- Experience conducting malware analysis
- Experience developing behavioral threat signatures, such as YARA rules
- Experience with cyber operations and cyber operation planning processes
- Understands malicious cyber actor TTPs, to include initial access and command-and-control
- Understands how to use cyber security tools and data to conduct defensive cyber operations
- Understands cyber threats and cyber threat frameworks such as the Cyber Kill Chain and the MITRE ATT&CK framework
- Understands Cyber Threat Intelligence (CTI) and how to integrate CTI into defensive cyber operations

Preferred Experience/Qualifications
- Hands-on SIEM experience, preferably with Splunk, to include configuration, query development, log review/analysis, and correlation of event data
- 5+ years of experience in a cyber analyst role, preferably supporting DGFC or JFHQ
- Experience with regex and signature development
- Experience with coding/scripting
- Cybersecurity certifications such as CISSP and/or GIAC certifications
- Splunk certifications

Special Requirements/Security Clearance
Minimum Active Secret Clearance. Active TS and TS/SCI clearances are preferred.