Diese Stelle ist in deinem Land nicht verfügbar.

Cyber Incident Handling Analyst Active DoD Top SecretSCI

PeratonWiesbaden, Hesse, Germany

Vor 4 Tagen

Stellenbeschreibung

Responsibilities

Peraton is currently seeking an experienced Cyber Incident Handling Analyst to join our team in support of the U.S. Army Europe Regional Cyber Center (RCCE).

Location : Wiesbaden Germany.

Role & Responsibilities :

Under general supervision you will monitor analyze and detect cyber events and incidents in information systems and networks. This role supports integrated cyber defense efforts by coordinating security toolsets to sustain continuous monitoring and ongoing authorization programs.

You will :

Monitor analyze and act on SIEM alerts and events to detect malicious activities across information systems and networks.
Support dynamic cyber defense operations by coordinating security toolsets and adhering to the Department of Defense framework for measuring and quantifying cyber risk.
Conduct threat and vulnerability analysis by evaluating network and host activity against baseline requirements researching security standards reviewing vulnerability findings related to SIEM alerts and analyzing system logs for indicators of malicious intent.
Manage incident response by documenting and classifying incidents (in accordance with Army and DoD regulations) determining root causes coordinating remediation efforts and performing postintrusion analyses to identify detection gaps; actively participate in a dedicated rotating 24 / 7 incident response team to ensure continuous operational coverage.
Communicate effectively by providing timely incident updates and daily reports to higher headquarters and Defensive Cyber Operations staff and by preparing visual charts diagrams and comprehensive reports to support metrics analysis and enhance cybersecurity posture.
Optimize detection capabilities by developing specialized SIEM queries tuning IDS / IPS rules to reduce false positives and documenting identified vulnerabilities for operational integration.
Provide team and customer support by assisting various sections of the Defensive Cyber Operations team and conducting indepth network security evaluations at customer sites.

Advanced Analysis and Expert Responsibilities :

Utilize SIEM technologies for advanced cyber forensics to detect and deter malicious actors targeting networked weapons platforms and U.S. DoD networks.

Analyze host and network events to assess operational impact and advisory capabilities.

Develop analytics based on indicators of compromise and perform forensic investigations by dissecting host data to determine the root causes tactics techniques and tools used in cyber intrusions.

Prepare highquality strategic reports presentations and recommendations for senior U.S. government intelligence and network operations officials.

RCCE

Qualifications

Minimum Qualifications :

Minimum of 2 years experience in Cyber Systems Engineering with a Bachelors degree in a STEM field or Business Administration; an additional 6 years of experience in lieu of degree may be considered.

Must be able to qualify for technical expert status accreditation (TESA) by having a bachelors degree in a STEM field or Business Administration plus 3 years of specialized experience OR an associates degree plus 7 years of specialized experience OR a major certification plus 7 years of specialized experience.

Active DoD Approved 8140 Certification (DCWF : 531 B.S. or GCFA or GCIA) (DCWF : 511 B.S. or GCFA GCIA CFR Cloud CYSA GCED PenTest) and 8140 Residential within 90 days of acceptance Cisco CyberOps Professional GCED GCFA GCFE GCIH GNFA DCITA CIRC Blue Team level 1 FIWE or Offensive Security OSDA).

Fluent in all aspects of government and corporate communications media to include all MS Office products and common task ticketing systems.

U.S. citizenship required.

An Active DoD Top Secret / SCI security clearance.

Preferred Qualifications :

Experience with the Elastic SIEM.

Experience in packet captures and analyzing a network packet.

Experience with intrusion detection systems such as Snort Suricata and Zeek.

Experience with SIEM systems such as Splunk ArcSight or Elastic.

Experience with Microsoft Windows event IDs.

Experience with Linux audit log analysis.

Familiarity with Git and VScode.

Strong understanding of adversary tactics techniques and procedures (TTPs) and the MITRE ATT&CK framework.

Experience with one or more scripting languages such as PowerShell Bash Python.

Peraton Overview

Peraton is a nextgeneration national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains : land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit peraton to learn how were keeping people around the world safe and secure.

Target Salary Range

80000 $128000. This represents the typical salary range for this position based on experience and other factors.

EEO : Equal opportunity employer including disability and protected veterans or other characteristics protected by law.

Required Experience :

Key Skills

ArcGIS,Intelligence Community Experience,GIS,Python,Computer Networking,Data Collection,Intelligence Experience,R,Relational Databases,Analysis Skills,Data Management,Application Development

Employment Type : Full-Time

Experience : years

Vacancy : 1

Monthly Salary Salary : 80000 - 128000