Location
Reston, VA | United States
Job description
Description
SAIC has an opening for a Cyber Defense Analyst. This position is located in Oak Ridge, Tennessee. SAIC is open to the position working remotely.
The Cyber Defense Analyst role is responsible for monitoring and analysis of identified security events in support of the real-time 24/7/365 Enterprise Security Operations Center's Detection & Response team’s monitoring capability. The Cyber Defense Analyst will perform daily operations utilizing a SIEM and monitoring events from multiple sources including but not limited to firewall logs, system logs, network and host based intrusion detection systems, applications, databases, cloud infrastructure, and other security information monitoring tools.
Job Duties:
- Responds and reacts to events in the SAIC monitored environment and escalates for further analysis as needed.
- Continuously monitor security event systems by utilizing the Enterprise Security Operation Center’s security information and event management (SIEM) tool.
- Provide initial response and support to potential intrusion or security breach alerts.
- PCAP Analysis and correlation of events.
- Determining urgency and potential impact.
- Assist with analysis of actions taken by malicious actors to determine initial infection vectors as well as establish a timeline of activity and any data loss associated with incidents.
- Perform documentation review and improvement.
- Communicate and escalate issues and alerts as required by process or management.
- Additional responsibilities including the support of various Enterprise Security Operations Center activities.
Qualifications
Required Education and Experience Requirements:
- AA Degree in related discipline and one year related experience; Or, High School and two (2) years of related experience with relevant certification.
- Must be a US Citizen
- Must possess the following certification: Security+ certification.
- Availability to work flexible hours in a 24x7x365 environment.
- Working knowledge of security architectures and devices.
- Working knowledge of technology and security topics including operating systems, network security, protocols, application security, infrastructure hardening and security baselines.
- Can-do attitude.
- Self-motivated and quick-learner.
- Excellent communication skills both verbal and written.
- Ability to multitask.
Desired Requirements:
- Possess one or more of the following certifications: CySA+, SSCP, or additional relevant certifications.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Job tags
Salary
