Constellation Technologies, Inc. Cyberspace Analyst (All Levels) in Aurora, Colorado
Cleaerance Requirment: TS/SCI w/Poly
Cyber/System Security Monitoring Analyst (All Levels)
The selected candidate will join a high performing agile team that uses the Scaled Agile Framework (SAFe) methodology to support a nationally significant and fast-paced program. Program execution follows DEVOPS best practices and employs robust development, test and production environments. Test Driven Development (TDD) and test automation tools are utilized alongside a full suite of team collaboration tools. The program is focused on injecting new technology and adding advanced capabilities in support of an on-going operational system. The selected candidate will be responsible for performing Security Incident and Event Handling for a critical DoD operational system. He/she must demonstrate strong skills in Incident Response and Handling, Forensic Analysis, and the ability to quickly relay critical information to team members and management clearly, completely, and concisely.
Primary Roles and Responsibilities
As the Attack, Sensing, Warning, and Response (ASWR) analyst, the successful candidate will analyze collected data and derive facts, inferences, and projections to determine if the systems being monitored are operating normally or being attacked by an adversary. He/she will analyze this collected data to detect insider threats and will develop new dashboards and analytics to refine existing reports and create new reports. He/she will work with System Engineers and System Administrators to better define the audit data being collected to eliminate false positives and false negatives from the data.
Bachelor's Degree in Information Assurance or related field. Relevant work experience may be substituted for a degree.
Experience with an Indications and Warnings monitoring tools such as StealthWatch, TripWire, Zenoss, ArcSight, Splunk.
Experience tuning audit data to reduce number of false positives and false negatives and experience responding to detected security incidents.
Must possess excellent troubleshooting skills.
Must have a solid understanding of network intrusion detection methods and techniques.
Network Security Operations Center (SOC) experience.
Experience and talent in data visualization.
Experience creating Dashboards and Analytics within SEIM (Security Information and Event Management) Tool and creating workflows for Incident Response within a SEIM Tool.
GIAC Certified Incident Handler Certification.
GIAC Cyber Threat Intelligence Certification.