Senior Threat Analyst – 4123/3184/21155-5652

This job was posted by https://www.azjobconnection.gov : For more
information, please see: https://www.azjobconnection.gov/jobs/6692705

Job Description

Computer World Services, Corporation (CWS) is seeking an exceptional
candidate to serve as Cyber Threat Analyst for the US Army
Regional Cyber Center – Continental United States (RCC-CONUS) program
responsible for performing non-personal Information Technology (IT)
Services and support requirements. RCC-CONUS is responsible to operate,
manage, and defend the Armys NIPRNet and Secure Internet Protocol
Router Network (SIPRNet) CONUS portion of the GIG, and the NIPRNet and
SIPRNet DoDIN-A. The RCC-CONUS functions as part of a larger joint
environment, responding to the Theater Combatant Commanders, the
ARCYBER, and the Army Cyber Commands Army Cyberspace Operations and
Integration Center (ACOIC), which operates the GIG in support of
Department of Defense (DoD) operations around the world. Services
include Network and System Modernization, Cyber Defensive Operations,
Defensive Cyber Assessments, Defensive Cyber Infrastructure Support,
Threat & Data Analytics, DoDIN Operation Support, Network Management,
Systems Management, IT Lifecycle Management, IT Service Management
(ITSM), Portfolio/IT Investment Management, and Theater Operations and
Service Desk support.

The candidate will leverage skills and expertise by determining system
vulnerabilities, monitor and assess potential threats, and ensure a
network meets security qualifications. Monitor the cybersecurity program
by gathering technical and tactical information, perform digital
forensics, conduct all-source analysis, and pose counteractions to
protect intelligence.

Key Tasks and Responsibilities

Responsible for providing a Cyber Threat Awareness Report on network
threats/trends to the theater.

Produce informational reports for the CONUS Theater stakeholders to
address evolving cyber threats/trends in order to increase situational
awareness and affect positive changes to the defensive posture of the
CONUS Army networks.

Perform analysis of specific Information Assurance Vulnerability Alert
(IAVA) and Common Vulnerability and Exposures (CVE) vulnerabilities as
assigned by RCC-CONUS leadership and provide a detailed risk assessment
as well as recommended mitigation actions.

Provide risk assessment with recommended mitigation.

Conduct cyber threat analysis and hunting utilizing proactive and
iterative approaches to search all supported networks to detect and
isolate advanced threats that may evade existing security solutions.

Ability to devise modeling and measuring techniques; utilizes
mathematics, statistical methods, engineering methods, operational
mathematics techniques (linear programming, game theory, probability
theory, symbolic language, etc.), and other principles and laws of
scientific and economic disciplines.

Ability to demonstrate a complete understanding and wide application of
technical principles, theories, and concepts within the Cyber Research
field and provide consultation to technical solutions over a wide range
of complex difficult problems in which proposed solutions are
imaginative, thorough, practicable, and consistent with organization
objectives. Professionally certified as Technical Level III as defined
by DODI 8570 is a requirement.

Examine threat intelligence from DoD and public sources to identify
threats that are relevant within the AOR.

Responsible for utilizing the information collected from research and
cyber hunt missions to provide recommendations and operational impact
assessments of tasked domains to increase the likelihood of identifying
advanced intruders and malicious software in supported networks.

Conduct Cyber hunt missions that include, but are not limited to,
examining information systems, network devices, and endpoints for
indicators of compromise and network activity via a p ethora of network
artifacts including but not limited to network flow, packet analysis,
network device logs, etc.

Consolidate research and results of the cyber hunt missions and produce
a Threat Hunt and Analysis report or Operational Impact Assessment IAW
TE 3 Deliverables. Cyber hunt research and mission results shall also be
incorporated into PPT missions and shared with RCC-CONUS leadership,
subscribers, and stakeholders.

Provide data analysis to include trend analysis evaluating activity on
the Army networks to identify systemic or potential issues and include
metrics and recommendations to enable to development and deployment of
response actions.

Responsible for having sufficient personnel on staff to maintain on-site
capability (IAW paragraph 5.3) to work directly with RCC-CONUS
Operations personnel to conduct initial triage/cyber incident analysis
to include, review correlated events, system/device logs, and SIEM event
data to determine and recommend/take immediate DCO response actions.

Produce data logs in the conduct of incident analysis and recommend
mitigation measures in response to general or specific Advanced
Persistent Threats (APT), (attempted exploits/attacks, malware delivery,
etc.) on Army networks that include blocking/denying access by hostile
sites or restricting access by specific ports/protocols and/or
applications.

Provide recommendations t