Apply on Employer Site

SAIC · 1 day ago

Network Threat Analyst

Fort Meade, MD

Full-time

Onsite

Mid, Senior Level

$120K/yr - $160K/yr

6+ years exp

SAIC is seeking a Network Threat Analyst to join our team and support MARFORCYBER's CCSSIII program. The ideal candidate will have demonstrated experience within a network or security operations center, identifying, analyzing, and reporting on threats and vulnerabilities.

Information TechnologySecurityService IndustrySoftware

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Correlating data from multiple sources, including host, network, user, and intelligence reports to uncover threats

Collection, aggregation, and interpretation of log data from various sources. Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems to include fine-tuning security rule sets for tools such as Suricata, Snort, Yara, and Sigma

Deep packet inspection and identification of malicious traffic using packet analysis tools, such as Wireshark or Network Miner

Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies

Provide input into DCO mission products such as pre-mission planning briefs, situation reports, post mission documentation, after action reports and lessons learned at the conclusion of events such as operations, exercises, and training

Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government provided solutions

Qualification

Network Threat AnalysisIntrusion Detection SystemsPacket AnalysisSIEM ManagementIAT Level III CertificationSuricataSnortYaraSigmaElasticSplunkSentinelTrainingDevelopmentLeadership

Required

Bachelor's degree or higher in Computer Science, Software Engineering, or Computer Engineering from an accredited college or university and 6 years of experience in the degree fields

OR Global Information Assurance Certification (GIAC), Certified Forensics Analyst (GCFA) Certification or GIAC, Certified Intrusion Analyst (GCIA) Certification with 10 years of experience in both Host analysis and Network analysis

OR 12 years of experience as a Threat Analyst with experience in both Host analysis and Network analysis

OR 12 years of experience in Offensive Cyber Operations as an Interactive Operator on-Network (ION) or Exploitation Analyst (EA)

2 years of experience as an instructor in threat analysis or 3 years of experience in a leadership position, with 4 or more direct reports, in an organization such as a Security Operations Center, a Cyber Emergency Response Team, a Cyber Protection Team/Blue Team or a Red Team/Cyber Mission Team

Demonstrated experience training and developing subordinates on foundational areas such as network and host analysis, JQR, Mission qualification, and KSA's related to their assigned work role

Knowledge and working experience with Suricata, Snort, Yara, and Sigma, Elastic, Splunk, Sentinel, and other open source or government provided solutions

IAT Level III certification

TS/SCI with polygraph is required. Polygraph MUST be dated within the last five years