GCyber is an information technology services company that was founded to create innovative, forward-leaning solutions to enhance the capabilities of our customers. GCyber engineers have satisfied the technology needs of the U.S. Government for over 20 years. We maintain relationships with key researchers, scholars, and analysts who have specialized expertise in the federal market. GCyber’s broad experience, focus on desired outcomes, and commitment to innovation ensure responsive and long-lasting results.
This position requires the candidate to actively hold a DoD TS/SCI with CI Poly security clearance.
Responsibilities:
- Serve as subject matter expert in analyzing network traffic for defensive cyber operations
- Utilize Network Intrusion Detection Systems (NIDS) in order to identify Indicators of Compromise (IOC) in network traffic
- Apply analytical methods needed to identify anomalies in network traffic and the skills required to reverse engineer network protocols
- Monitor operational environment and report on adversarial activities which fulfill leadership's priority information requirements
- Work with stakeholders to resolve computer security incidents and vulnerability compliance
- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
- Evaluate security architecture and its design against cyberspace threats as identified in operational and acquisition documents
- Perform security reviews and identify gaps in security architecture and develop a security risk management plan
- Detect exploits against targeted networks and hosts and react according to established CPT documentation
- Conduct network scouting and vulnerability analyses of systems within a given target network
- Provide and maintain documentation for TTPs as inputs to training programs
- Read, interpret, write, modify, and execute simple scripts that perform tasks such as: parsing large data files, automating manual tasks, and fetching/processing remote data
- Recommend patches for network vulnerabilities to ensure information is safeguarded against outside parties via Risk Mitigation Plans
- Identify and analyze anomalies in network traffic using metadata
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
- Store, retrieve, and manipulate data for analysis of system capabilities and requirements
- Provide input to the analysis, design, development or acquisition of capabilities used for meeting mission objectives
- Analyze information to determine, recommend, and plan the development of a new application or modification of an existing application
- Design countermeasures and mitigations against potential exploitation of programming language weaknesses and vulnerabilities in systems and their elements
- Collaborate with intelligence analysts/targeting organizations involved in related areas
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on systems and information
- Coordinate with enterprise-wide cyber defense staff to validate network alerts
- Identify applications and operating systems of a network device based on network traffic
- Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan
- Plan and recommend modifications or adjustments based on exercise results or system environment
- Provide training and guidance, both formal and informal (ad-hoc), to junior members of the CPT on tools, capabilities, tactics, techniques, procedures, knowledge and skills
Requirements:
- Bachelor's degree desired, but not required
- 7+ years of experience in any combination of cyber technology, cybersecurity, offensive cyber operations, penetration testing, coding/scripting, vulnerability assessments, network/system administration, or related fields
- 4+ years of experience conducting or supporting Cyber Mission Forces exercises
- Must possess the ability to self-certify on network analysis capabilities that are used or may be encountered during CPT support missions
- Experience analyzing network protocols, theory of their operation, header structure, and forensic value
- Must be compliant with the CSSP-SPM or CSSP-AU qualification standard
- Advanced Security Onion Course Certification
- Advanced Network Forensic and Analysis Certification
- SIEM with Tactical Analytics (SEC555) completion
- GIAC Certifications: GCIA, GSNA, GNFA
- Offensive Security Certified Practitioner (OSCP)
- Offensive Security Certified Expert (OSCE)
- Active TS/SCI security clearance with a CI polygraph, or the ability to obtain and maintain a CI polygraph
For more information about GCyber please visit our website at http://www.gcyber.com. Also please stay in touch and track future job openings by following us on LinkedIn http://www.linkedin.com/company/gcyber.
By submitting your resume for this position, you understand and agree that GCyber may share your resume, as well as any other related personal information or documentation you provide, with its partners and affiliated companies for the purpose of considering you for other available positions.
GCyber is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.