Cyber Data Analyst

Job Description

Links Solutions is seeking a Cyber Data Analyst to join our team at Fort Stewart, GA.

• Must be a US Citizen
• DoD Secret Clearance required
• Non-remote (relocation incentive available)
  
  

The Cyber Data Analyst will assess infrastructure vulnerabilities and collaborate with stakeholders to produce advanced cyber analytics, visualizations, and risk-based reports. They will also lead the analysis and correlation of compliance and vulnerability data across the Ft. Stewart Regional Network Enterprise Center (RNEC) managed endpoints.

This role involves identifying critical assets, mapping traffic patterns, integrating various cybersecurity tools (e.g., firewall logs, ACAS/Tenable, HBSS/Trellix, Microsoft MDE/EDR), and generating actionable insights through Power BI dashboards.

Become an integral part of a professionally diverse team while working at an industry-leading organization. This is a great opportunity that will allow you to work on innovative projects that offer advancement and growth while helping protect our national security.

Job Responsibilities

• Critical Asset Identification & Network Analysis:
• Identify high-value assets within the RNEC's network and assess their security posture.
• Perform detailed network topology mapping, documenting traffic flows and analyzing east-west and north-south traffic patterns to assess vulnerabilities.
• Use tools such as Wireshark, TShark, or NetFlow to capture and analyze network traffic.
• Data Integration:
• Integrate data from firewalls, ACAS/Tenable vulnerability scanners, Trellix/HBSS endpoint protection, and Microsoft MDE/EDR into centralized systems.
• Implement secure API connections between these tools and Power BI or a SIEM to aggregate and normalize data for analysis.
• Risk and Vulnerability Assessment:
• Perform risk assessments by analyzing compliance, vulnerability, and traffic data to prioritize high-risk assets and vulnerabilities.
• Use data from ACAS for vulnerability scanning and compare it with the MITRE ATT&CK framework to understand how adversaries could exploit the vulnerabilities.
• Assess logs from EDR/MDE solutions to identify anomalous activities or indicators of compromise (IoCs).
• Security Tool Expertise:
• Maintain a comprehensive understanding of security tools and their data outputs, including firewall logs (Cisco ASA, Palo Alto), endpoint protection platforms (HBSS/Trellix), and vulnerability scanning tools (Tenable/ACAS).
• Identify how each tool's dataset correlates with others to provide comprehensive visibility of the network's security posture.
• Collaboration and Reporting:
• Collaborate with Government stakeholders to design security dashboards that reflect organizational needs, including compliance metrics, vulnerability trends, and Plan of Action and Milestones (POA&M) status.
• Lead efforts to produce reports and visualizations in Power BI that support proactive risk management and decision-making.
• Provide briefings and reports along with recommendations to enhance the organization’s security posture to Senior Leadership.
  

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.