Description
Job Title Incident Response Analyst (Cybersecurity Technical Staff 3)
Location Los Alamos, NM, US
Organization Name CISO-CS Cybersecurity
Minimum Salary 112000
Maximum Salary 186700
What You Will Do
The selected candidate will be a member of the LANL Computer Security Incident Response Team (CSIRT), which is responsible for computer security incident response, host and network forensics, malware analysis, and the development of countermeasures and advanced detection techniques.
- Performs identification, monitoring, detection, analysis, exploitation and/or mitigation of complex computer and network security vulnerabilities, incidents, and suspicious activity.
- Evaluates new tools, researches exploitation methods and techniques, and proposes innovative solutions to cyber security issues.
- Develops and implements metrics, analyzes data for new and unusual features, and manipulates raw data when needed to gather information.
- Participates in cyber incident response.
- Designs, develops, modifies, and debugs cyber protection and/or analysis software tools in an innovative and creative manner, using judgement and creativity in applying defined practices and procedures that lead to technical decisions, including selection and adaptation of technical alternatives to strategic problems.
- Identifies and responds to complex computer security incidents, communicates findings, and modifies defenses and response measures as appropriate.
- Develops advanced methods, techniques, and standards and communicates findings to multiple audiences.
- Independently leads work on moderately complex cyber issues, providing guidance and direction as appropriate to other cyber security personnel.
- Day to day work may include incident and event triage, digital forensics, network archeology, and threat hunting.
- Critically analyzes malware and develops indicators to hunt across multiple networks and share with other organizations as appropriate.
What You Need
Minimum Job Requirements:
- A deep understanding of the cyber security landscape, including network and host system security issues and concepts, compliance, and certification.
- Advanced understanding of common network and host-based attacks, attack methods, network defense architectures, and security tools.
- Extensive experience with one or more of the following: malware analysis and reverse engineering; enterprise host and memory forensics; network forensics and packet analysis; incident response and incident coordination; penetration testing.
- Experience leading technical projects (such as deploying new visibility/monitoring technologies).
- Ability to mentor junior analysts and team building through knowledge sharing.
- Strong critical thinking, analytical, documentation, and communication skills with the ability to collaborate well in a dynamic team environment.
Education/Experience: Position requires a Bachelor's Degree in a technical field and a minimum of 8 years related experience; or, an equivalent combination of education and experience directly related to the occupation. At this level post graduate work may be expected.
Desired Qualifications:
- Experience with enterprise forensics tools, collection, and analysis techniques.
- Experience with memory analysis and enterprise collection methodologies, such as memprocfs or similar tools.
- Experience with IDA Pro, Ghidra, Yara rule creation beyond string searching.
- Experience with dynamic analysis of software samples via debuggers such as OllyDbg or IDA debugger.
- Experience with the MITRE ATT&CK framework (Hunting, creation of detection, and attack modeling).
- Familiarity with the incident response lifecycle and incident coordination.
- Ability to correlate events in enterprise logging solutions (SIEM) or data lake solutions.
- Extensive background developing regular expressions.
- Automated analysis and scripting with Python, Perl or similar languages.
- Tool integration and event correlation with differing APIs.
Work Environment: Work Location: The work location for this position has the potential for remote work. Remote work is defined as working offsite at a location that is greater than 2 hours from the Laboratory location. Reporting onsite may be periodically necessary. All work locations are at the discretion of management.
Position commitment: Regular appointment employees are required to serve a period of continuous service in their current position in order to be eligible to apply for posted jobs throughout the Laboratory. If an employee has not served the time required, they may only apply for Laboratory jobs with the documented approval of their Division Leader. The position commitment for this position is 1 year.
Note to Applicants:
- A comprehensive cover letter detailing how you meet the minimum and desired job skills is recommended.
- Position includes on-call rotation responsibilities.
Where You Will Work
Located in beautiful northern New Mexico, Los Alamos National Laboratory (LANL) is a multidisciplinary research institution engaged in strategic science on behalf of national security. Our generous benefits package includes:
- PPO or High Deductible medical insurance with the same large nationwide network
- Dental and vision insurance
- Free basic life and disability insurance
- Paid maternity and parental leave
- Award-winning 401(k) (6% matching plus 3.5% annually)
- Learning opportunities and tuition assistance
- Flexible schedules and time off (paid sick, vacation, and holidays)
- Onsite gyms and wellness programs
- Extensive relocation packages (outside a 50 mile radius)
Additional Details
Directive 206.2 - Employment with Triad requires a favorable decision by NNSA indicating the employee is suitable under NNSA Supplemental Directive 206.2. Please note that this requirement applies only to citizens of the United States. Foreign nationals are subject to a similar requirement under DOE Order 142.3A.
Clearance: Q (Position will be cleared to this level). Selected applicants will be subject to a background investigation conducted by or on behalf of the Federal Government, and must meet eligibility requirements* for access to classified matter. This position requires a Q clearance, and obtaining such clearance requires U.S. citizenship except in extremely rare circumstances. Dependent upon the position, additional authorization to access classified information may be required, which may or may not be available to dual citizens. Receipt of a Q clearance and additional access authorization ultimately is a decision of the Federal Government and not of Triad.
*Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 for additional information.
New-Employment Drug Test: The Laboratory requires successful applicants to complete a new-employment drug test and maintains a substance abuse policy that includes random drug testing. Although New Mexico and other states have legalized the use of marijuana, use and possession of marijuana remain illegal under federal law. A positive drug test for marijuana will result in termination of employment, even if the use was pre-offer.
Regular position: Term status Laboratory employees applying for regular-status positions are converted to regular status.
Internal Applicants: Regular appointment employees who have served the required period of continuous service in their current position are eligible to apply for posted jobs throughout the Laboratory. If an employee has not served the required period of continuous service, they may only apply for Laboratory jobs with the documented approval of their Division Leader. Please refer to Policy P701 for applicant eligibility requirements.
Equal Opportunity: Los Alamos National Laboratory is an equal opportunity employer and supports a diverse and inclusive workforce. All employment practices are based on qualification and merit, without regard to race, color, national origin, ancestry, religion, age, sex, gender identity, sexual orientation, marital status or spousal affiliation, physical or mental disability, medical conditions, pregnancy, status as a protected veteran, genetic information, or citizenship within the limits imposed by federal laws and regulations. The Laboratory is also committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request such an accommodation, please send an email to or call 1- option 2 and then option 3.
Employment Status Full Time
Appointment Type Regular
Contact Details
Contact Name Saadat, Isra Miraja Imani (Isra)
Email
Work Telephone
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.