Tier 1 AS&W Analyst

Tier 1 AS&W Analyst

Requirements

• Bachelor’s degree in Science or Engineering Field, IT, or Cybersecurity or related field. Additional experience and certifications may be considered in lieu of a degree.
• 0 – 2 years of experience be in the areas of incident detection and response, remediation malware analysis, or computer forensics.
• Minimum of one (1) but two (2) preferred years of specialized experience in one or more of the following areas: Email security, Digital media forensic, Monitoring and detection, Incident Response, Vulnerability assessment and pen test, Cyber intelligence analysis.
• Extensive experience analyzing and synthesizing information with other relevant data sources, providing guidance and mentorship to others in cyber threat analysis and operations.
• Evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analyses with counterintelligence and law enforcement investigations.
• Experience with aggregating and creating daily, weekly and monthly reports with emphasis on communication skills to accurately convey technical concepts to various audiences.
• Must have at least one of the following certifications: CompTIA Advanced Security Practitioner (CASP), CompTIA Cloud+, CompTIA Network+, CompTIA Security+, CompTIA Linux+, CompTIA Cyber Security Analyst (CySA+), CompTIA Linux Network Professional (CLNP), CompTIA Pentest+, CompTIA A+, CompTIA Cybersecurity Analyst (CySA+), CompTIA Server+, GSEC – Security Essentials, GCIH – Incident Handler, GCIA – Intrusion Analyst, GCFA – Forensic Analyst, GPEN – Penetration, GWAPT – Web Application Penetration Tester, GCFE – Forensic Examiner, CEH – Certified Ethical Hacker, CHFI – Computer Hacking Forensic Investigator, CSA – EC Council Certified SOC Analyst (Previously ECSA – EC-Council Certified Security Analyst), ECIH – EC-Council Certified Incident Handler, CNDA – Certified Network Defense Architect.

Responsibilities

• Conduct log analysis and triage in support of incident response.
• Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response.
• Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
• Work with key stakeholders to implement remediation plans in response to incidents.
• Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership.
• Flexible and adaptable self-starter with strong relationship-building skills.
• Strong problem-solving abilities with an analytic and qualitative eye for reasoning.
• Ability to independently prioritize and complete multiple tasks with little to no supervision.
• Emphasis on ability to succinctly and accurately capture technical details and summarize findings for less technical audiences.

Preferred Qualifications

• Ability to coordinate and communicate well with team leads and government personnel
• Provide weekly status reports and requested documentation
• Experience in cyber government, and/or federal law enforcement
• Experience with the Cyber Kill Chain and MITRE ATT&CK framework