What are the responsibilities and job description for the Cyber Detection Analyst - CIRT position at WarCollar Industries?
Title: Cyber Detection Analyst (CSA)
Education: Bachelor’s degree in Electrical Engineering, Computer Engineering, Computer Science, or other closely related Information Technology field of study
Location: McLean, Virginia
Position Type: Full-Time
Position Work Site: Client On-site (not hybrid, not remote)
Compensation Range: Depends on experience, skills, tool knowledge, education
Clearance: MUST have a TS/SCI with Full Scope Poly
Hours: Sunday-Wednesday OR Wednesday-Saturday
Shift Hours:
1st (0600-1600)
2nd (1200-2200)
3rd (2100-0700)
WarCollar Industries wants you to join the team who protect and defend the largest target in the world using your expertise in Host Based IDS, IPS, and specialized network defense. This position will utilize the latest cyber tools available and assist in creating new ones while allowing you to advance the nation’s information security posture.
RESPONSIBILITIES:
*Creation, editing, and management of signatures, custom rules and filters for specialized network defense systems including but not limited to:
*Manage and administer the tuning of rules, signatures, and custom content for specialized CND applications and systems
*Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts
*Participate in inter-agency relationships with partner organizations to facilitate mission execution
*Provide innovation and creative solutions to challenging problems
*Provide logical use case development
*Provide and track requirements to engineering partners
*Identify gaps in visibility or coverage of cyber defense systems
*Ability to effectively use analytical and problem-solving skills
Required Skills:
*Two to ten (or more) years of related incident response experience.
*Excellent interpersonal, organizational, writing, communications, and briefing skills.
*Intrinsic motivation and a desire to please the customer while growing your technical knowledge.
*Strong analytical and problem-solving skills.
Required Technology:
*Cloud Infrastructure Security
*Computer Network Exploitation
*Security Information and Event Management (SIEM) systems
*Web/Email gateway security technologies
*Network Intrusion Detection System/Intrusion Prevention Systems (EDR/NDR/IDS/IPS)
*Host Intrusion Detection System/Intrusion Prevention Systems (EDR/IDS/IPS)
*Network and Host forensic applications
*Familiarity with the following classes of enterprise cyber defense technologies:
-Security Information and Event Management (SIEM) systems (Splunk and/or Splunk Enterprise Security)
-SysMon
-SOAR
-Azure
*DOD 8570 IAT Level I or CSSP-IR Certification (can be obtained after hire)
*Prepare data analytics and reporting
*Detection Assurance and rule validation
*3 years of experience in Cyber Security, InfoSec, Security Engineering or Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management
*Experience working with Mitre ATT&CK
*Experience using computer programming language(s) such as Python, JavaScript, Yara or Snort
*Ability to demonstrate interpersonal, organizational, writing, communications, and briefing skills
Candidates must be United States citizens, hold an active Top Secret security clearance with Sensitive Compartmented Information (TS/SCI), and have a positively adjudicated FULL SCOPE polygraph to be considered for this position.