Job ID: 218018
Location: KEARNEYSVILLE, WV, United States
Date Posted: Aug 10, 2021
Subcategory: Cyber GRC
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Secret
Potential for Remote Work: No
Benefits: Click here
JOB DESCRIPTION: Provide correlation and analysis of cyberspace incident reports derived from reliable sources, network sensors, vulnerability management devices, open source information, and Industry/ Government provided situational awareness of known adversary activities. Applies expert knowledge of Named Areas of Interest (NAI) and advanced persistent threats to review, analyze, and maintain the content of an indicator database to aid in the detection and mitigation of threat activity. Utilize COTS/GOTS analyses tool and expert knowledge to provide threat detection analysis and monitoring, correlation, and prevention of cyber threat activity targeting the customer network. This task requires technical knowledge on the utilization of government and industry capabilities, best security practices, advanced log analysis, forensics, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, and anti-virus capabilities. Additionally, this task requires technical knowledge of forensics analysis to determine adversary methods of exploiting information system security controls, the use of malicious logic, and the lifecycle of network threats and attack vectors. Must produce reports on the unique TTPs utilized and conduct incident handling/triage, network analysis and threat detection, trend analysis, metric development, and security vulnerability information dissemination. Must be able to assist the customer with developing metrics and trending/analysis reports of malicious activity and develop signatures for threat detection. (It should be understood that this is not intended to be a detailed nor comprehensive description of any individual employee's job content. Managers set the specific duties and responsibilities for each employee).
Bachelors and two (2) years or more experience; Masters and 0 years related experience. Four additional years' experience may be considered in lieu of degree.
- US Citizen with the ability to obtain a Secret Clearance. An Interim Secret Clearance will be required to start the position.
- Experience working in information security, cyber intelligence, incident response, or other technical cyber security roles
- Knowledge of Advanced Persistent Threats (APT) tactics, technics and procedures
- Understanding of possible attack activities such as network probing/scanning, DDOS, malicious code activity, etc.
- Understanding of networking protocols such as TCP/IP, DNS, HTTP
- Experience Risk Management Framework and cyber security operations
- Experience with DevOps / Agile practices a PLUS
- Cybersecurity certification such as Security+, CISSP, CISM, ISSMP, etc a PLUS
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.