
Wed Jun 6, 2018 - 18 weeks ago


Cyber-Intelligence Analyst Senior Technical Specialist

Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many ways--not only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter.
Perspecta's talented and robust workforce--14,000 strong--stands ready to welcome you to the team. Let's make an impact together.
Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories

Job Description: Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks. Supports cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Coordinates resources during enterprise incident response efforts, driving incidents to timely and complete resolution. Employs advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis. Supports internal HR/Legal/Ethics investigations as forensic subject matter expert. Performs network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks. Reviews threat data from various sources and develops custom signatures for Open Source IDS or other custom detection capabilities. Correlates actionable security events from various sources including Security Information Management System (SIMS) data and develops unique correlation techniques. Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats. Develops analytical products fusing enterprise and all-source intelligence. May conduct malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols. Interfaces with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.

Specific Job Description: Conduct Packet Capture (PCAP) analysis, to include log correlation and network traffic analysis in support of investigations and operations. Utilize understanding of network architectures, common protocols, uses, and how they apply to various network topologies. Use open source and commercial tools to process large PCAP data sets and correlate findings between system and network artifacts. Identify anomalous network activity and provide detailed documentation of findings, analysis and hypotheses.


Required:
- Demonstrated administrative and organizational skills.
- Excellent interpersonal skills and the capability to deal with personnel at all levels in the government, industry, and academia.
- Demonstrated briefing and presentation skills.
- MS Office Experience
- Minimum 4-year degree in Computer Science, Information Systems, Cyber Security, Computer Engineering, or related technical field.
- Minimum 8 years of analysis experience, 5 years of cyber analysis experience. Demonstrated proficiency in network security analysis tools
- IC experience

Desired:
- Strong proficiency and recent experience (within last 3 years) performing PCAP analysis using common analysis tools (Wireshark, TShark, Splunk, Netwitness). Candidate must be strongly proficient at sessionizing, identifying and decoding protocols, extracting files, and applying standard filters.
- Expertise in using Python or bash scripting language to sort, de-duplicate and manipulate PCAP files.
- Must have working knowledge of relational databases to create schemas and leverage relational databases in PCAP processing
- Proficiency in: developing and customizing Splunk using its XML templates for advanced configuration and macros; creating customized Splunk queries using Splunk query language; and building Splunk dashboards with search forms, views, packaging and distribution
- Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records
- Experience in data processing and analysis in a virtualized Linux environment. Must have working knowledge of Linux administration. Must be comfortable hosting basic web applications in an Apache/MySQL/PHP or IIS/MSSQL/ASP environment. AWS experience is a plus.
- Certifications: GIAC Network Forensic Analyst, OSCP, AWS Certified Solutions Architect Associate, Splunk Certified Administrator

Requires 12 to 15 years with BS/BA or 10 to 13 years with MS/MA or 7 to 9 years with Ph.D.


**Req #** _2018-50891_

**Category** _Information Technology_

**# of Openings** _1_

**Job Location** _US-Chantilly-VA_

**Clearance** _Top Secret/SCI w/Poly_