Attack, Sensing and Warning Analyst (AS&W)-Tier 2

Description

Job Description:

Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.

The DHS CBP SOC Program has a critical need for a Tier 2 Attack, Sensing and Warning Analyst (AS&W) who will be working 12 hours shifts: Either Day Fronts which is Sunday, Monday, Tuesday, and alternating weeks, 8 hours on Wednesday or Day Back which is Thursday, Friday, Saturday and 8 hours on alternating Wednesdays.

The Tier 2 Attack, Sensing and Warning Analyst (AS&W) will be supporting these specialized areas:

• Email security
• Digital media forensic
• Monitoring and detection
• Incident Response
• Vulnerability assessment and pen test
• Cyber intelligence analysis.
• Supports detection, containment, and eradication of APT activities targeting customer networks.
• Will process community reporting, conduct link analysis, and collaborate with other Government cyber fusion teams.
• Publish intelligence products to inform network defenders about APT activities, new detection methods, among other topics of interest.

Required Skills:

• *** candidates must be able to obtain a CBP BI
• Bachelors’ degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field.
• Minimum of 4 years of professional experience in incident detection and response, malware analysis, or cyber forensics.
• Additional years of experience and cyber certifications may be considered in lieu of a degree.
• Extensive experience analyzing and synthesizing information with other relevant data sources, providing guidance and mentorship to others in cyber threat analysis and operations, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analyses with counterintelligence and law enforcement investigations.

In addition, 2 years of specialized experience in one or more of the following areas:

• Email security
• Digital media forensic
• Monitoring and detection
• Incident Response
• Vulnerability assessment and pen test
• Cyber intelligence analysis

Must have at least one of the following certifications:

SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON or GCIH ISC2 CCFP, CCSP, CISSP CERT CSIH EC Council: CHFI, LPT, ECSA, Offensive Security: OSCP, OSCE, OSWP and OSEE EnCase: EnCE Dod 8570: IAT L3, CNDSP Analyst or IR Carnegie Mellon: CCSIH"

Desired Skills:

• Experience in cyber government, and/or federal law enforcement. Experience with Cyber Kill Chain.

External Referral Bonus:

Potential for Telework:

Clearance Level Required:

Travel:

Scheduled Weekly Hours:

Shift:

Requisition Category:

Job Family: