The Role
Monitor and analyze network and host activity using cyber defense tools and SIEMs, generate and route cases, perform advanced threat hunting and event correlation, analyze attack techniques (including Active Directory abuse), and lead/mentor team members while performing after-action reviews.
Summary Generated by Built In
For the OPS Consulting team, ‘the power to help’ means helping our clients, helping serve the mission, helping our employees and their families, and helping the community. Headquartered in Hanover, MD. OPS Consulting has over two decades of experience specializing in the most mission-critical operations. We are thought leaders and innovators. The ingenuity of our developers, engineers, cyber experts, linguists, and analysts are dedicated to empowering our clients, fulfilling The Mission, and remaining trusted leaders and advisers in national security and technology solutions.
We are looking for a Cyber Defense Analyst 3 to join a growing team in Annapolis Junction, MD.
Responsibilities:
- Use cyber defense tools to monitor, detect, analyze, categorize, and perform initial triage of anomalous activity.
- Generate cybersecurity cases (including event’s history, status, and potential impact for further action) and route as appropriate.
- Perform advanced manual analysis to hunt previously unidentified threats.
- Identify cyber-attack phases based on knowledge of common attack vectors and network layers, models and protocols.
- Apply techniques for detecting host- and network-based intrusions.
- Analyze malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
- Possess deep knowledge of active directory abuse used by attackers for lateral movement and persistence.
- Perform after-action reviews of team products to ensure completion of analysis.
- Lead and mentor team members as a technical expert.
Requirements:
- Eight (8) years of demonstrated experience as a CDA in programs and contracts of similar scope, type, and complexity.
- A technical bachelor’s degree from an accredited college or university may be substituted for two (2) years of CDA experience.
- Two (2) years of demonstrated and practical experience in TCP/IP fundamentals.
- Two (2) years of demonstrated experience with tcpdump or Wireshark.
- Three (3) years of demonstrated experience using security information and event management suites (such as Splunk, ArcSight, Kibana, LogRhythm).
- Three (3) years of demonstrated experience in network analysis and threat analysis software utilization.
- CSSP Analyst baseline certification (e.g., CEH, CySA+, CFR, etc.)
- IAT Level I or II certification
- Computing Environment (CE) certification for supported systems
- Global Information Assurances Certificate (GIAC) OR Global Certified Incident Handler (GCIH)
- US citizenship and an active TS/SCI with Polygraph security clearance required
The Swift Group and Subsidiaries are an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Pay Range: $49,996.80 - $290,004.00
Pay ranges are a general guideline and not intended as a guaranteed and/or implied final compensation or salary for this job opening. Determination of official compensation or salary relies on several different factors including, but not limited to: level of position, complexity of job responsibilities, geographic location, work experience, education, certifications, Federal Government contract labor categories, and contract wage rates.
At The Swift Group and Subsidiaries, you will receive comprehensive benefits including but not limited to: healthcare, wellness, financial, retirement, education, and time off benefits.
Skills Required
- Eight (8) years demonstrated experience as a Cyber Defense Analyst in similar programs and contracts
- Technical bachelor's degree may be substituted for two (2) years of CDA experience
- Two (2) years demonstrated and practical experience in TCP/IP fundamentals
- Two (2) years demonstrated experience with tcpdump or Wireshark
- Three (3) years demonstrated experience using SIEM suites (Splunk, ArcSight, Kibana, LogRhythm)
- Three (3) years demonstrated experience in network analysis and threat analysis software utilization
- CSSP Analyst baseline certification (e.g., CEH, CySA+, CFR, etc.)
- IAT Level I or II certification
- Computing Environment (CE) certification for supported systems
- GIAC OR Global Certified Incident Handler (GCIH)
- US citizenship and an active TS/SCI with Polygraph security clearance
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
The Swift Group is a privately held, mission-driven and employee-focused services and solutions company headquartered in Reston, Virginia. Founded in 2019, Swift supports Civilian, Defense, and Intelligence Community customers, across the country and around the globe.
