Cybersecurity Intrusion Detection Analyst jobs in United States

UIC Commercial Services · 12 hours ago

Cybersecurity Intrusion Detection Analyst

UIC Commercial Services is seeking a Lead Cybersecurity Intrusion Detection Analyst to join their team in Vicksburg, MS. The role involves analyzing cyber defense data to mitigate threats and providing 24x7 operational support for incident handling and analysis.

Construction · Shipping
Comp. & Benefits
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Provides leadership and supervision to the incident response staff and performs highly technical customer support to organization users
Manages the incident response and threat detection function
Proactively analyzes network and systems traffic, event logs, and threat intelligence data, to properly identify and triage susceptibility of core campus technical assets, determine likelihood of exploitation and implement and/or refine preventative and detective security controls
Participates in the development and monitoring of policies and procedures for department or department operations
Assesses, analyzes, and consults on the security of information assets - networks, endpoints, databases, applications, services, platforms, environments, etc. Contributes to asset inventory and categorization processes
Receive and distribute AS&W information
Conduct AS&W activities to develop appropriate response (receive and archive task orders, directives, and other required actions; maintain internal and external source location information)
Coordinate AS&W information from other sources to aid in analysis of alerts
Analyze the Intrusion Detection System alerts to identify unauthorized or anomalous activity
Identify, document, and report unauthorized activity/attacks (including IP addresses and ports, attack vector, and attack timeframe) in all incidents and reports per HPCMP CSSP SOPs
Take action, if appropriate, to prevent or mitigate potential impact to the DODIN based on cyber threats, and develop and distribute countermeasures and interim guidance to prevent or mitigate threats and/or attacks on DODIN
Monitor a platform capable of performing information security continuous monitoring (ISCM) for the purposes of detecting cyber intrusions, attacks, anomalous behavior, and possible insider threats
Collect intrusion artifacts (e.g., source code, malware, and trojans)
Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
Report incidents and events within proper channels and within timelines identified in the CJCSM 6510.01B
Provide a 24/7x365 event/incident handling and analysis capability
Provide operations log accessible to personnel documenting all mandated reportable cyber events/incidents
Analyze detected cyber events to identify incidents
Categorize and characterize cyber incidents
Notify affected Subscribers of cyber incidents and collect assessments of mission impact for the loss of the system during the incident response process
Analyze cyber incidents to develop specific responses
Distribute tailored countermeasures or interim guidance to Subscribers to eradicate and prevent cyber incidents across all subscribers
Perform forensic analysis of systems and malware in cases where subscribers lack the capability and ensure relevant IOCs are shared with Warning Intelligence
Mitigate operational and/or technical impact due to cyber incidents
Contain the spread of malware to prevent further damage to IT systems through detection, analysis, and execution of containment measures

Qualification

Intrusion Detection · Incident Response · Cybersecurity Analysis · DOD 8570 IAT Level II · DOD 8570 CSSP-Analyst · Network Security · Regulatory Guidance Interpretation · Forensic Analysis · Communication Skills · Team Leadership

Required

Must possess Bachelor's degree or equivalent experience
Must have at least 5 years intrusion detection experience
Must have at least 2 years relevant IT and/or System administrator experience and 3 years relevant Information Security experience
Must have the certifications for DOD 8570 IAT Level II minimally
Must have the certifications for DOD 8570 CSSP-Analyst or CSSP-Incident Responder
Must have the ability to earn DoD 8570 computing environment certification within 6 months
Understanding of network hardware devices and experience configuring Access Control Lists or other Firewall or Router configuration experience
Ability to demonstrate strong knowledge of computer security concepts
Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience
Advanced knowledge of network technologies and protocols
Advanced understanding of current threats and trends present in the Information Security and Technology field
Must complete the specified Joint Qualification Requirement training within 180 days of date of hire, unless otherwise specified
Must currently hold and be able to maintain an active Secret clearance with the ability to obtain a Top Secret/SCI
US Citizenship is a requirement for Secret clearance at this location

Preferred

Must be able to lift up to 25 pounds
Must be able to stand and walk for prolonged amounts of time
Must be able to twist, bend and squat periodically

Company

UIC Commercial Services

UIC Commercial Services is a division of Ukpeaġvik Inupiat Corporation, the Alaska Native Village Corporation for Utqiaġvik, Alaska.

Funding

Current Stage
Growth Stage

Leadership Team

Don Gray
Vice President of UIC Oil & Gas and Marine Services
Company data provided by crunchbase