- Provide correlation and analysis of cyberspace incident reports derived from reliable sources, network sensors, vulnerability management devices, open source information, and Industry
- Government provided situational awareness of known adversary activities.
- Applies expert knowledge of Named Areas of Interest (NAI) and advanced persistent threats to review, analyze, and maintain the content of an indicator database to aid in the detection and mitigation of threat activity.
- Utilize COTS/GOTS analyses tool and expert knowledge to provide threat detection analysis and monitoring, correlation, and prevention of cyber threat activity targeting the customer network.
- This task requires technical knowledge on the utilization of government and industry capabilities, best security practices, advanced log analysis, forensics, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, and anti-virus capabilities.
- Additionally, this task requires technical knowledge of forensics analysis to determine adversary methods of exploiting information system security controls, the use of malicious logic, and the lifecycle of network threats and attack vectors.
- Must produce reports on the unique TTPs utilized and conduct incident handling/triage, network analysis and threat detection, trend analysis, metric development, and security vulnerability information dissemination.
- Must be able to assist the customer with developing metrics and trending/analysis reports of malicious activity and develop signatures for threat detection. (It should be understood that this is not intended to be a detailed nor comprehensive description of any individual employee's job content. Managers set the specific duties and responsibilities for each employee).
KNOWLEDGE/SKILLS AND ABILITY:
- Limited use and/or application of technical principles, theories, and concepts. Receives assignments in the form of specific tasks for the work to be completed.
- Work is reviewed by management to measure meeting objectives and schedules.
- Develops solutions to routine technical problems of limited scope.
- Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained.
FREEDOM TO ACT:
- Work is closely supervised. Follows specific, detailed instructions.
- Contributes to completion of routine technical tasks.
- Failure to achieve results can normally be overcome without serious effect on schedules and programs
Qualifications - External
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and 0 years related experience.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.