"Alerted.org

Description

SAIC is seeking a Network Threat Analyst to join our team and support MARFORCYBER's CCSSIII program. The ideal candidate will have demonstrated experience within a network or security operations center, identifying analyzing and reporting on threats and vulnerabilities.

This position is onsite at  **Fort Meade, MD.**

Key Responsibilities:

+ Correlating data from multiple sources, including host, network, user, and intelligence reports to uncover threats

+ Collection, aggregation, and interpretation of log data from various sources. Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems to include fine-tuning security rule sets for tools such as Suricata, Snort, Yara, and Sigma

+ Deep packet inspection and identification of malicious traffic using packet analysis tools, such as Wireshark or Network Miner

+ Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies

+ Provide input into DCO mission products such as pre-mission planning briefs, situation reports, post mission documentation, after action reports and lessons learned at the conclusion of events such as operations, exercises, and training

+ Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government provided solutions

Qualifications

Typical Education and Experience:

+ Bachelor's degree or higher in Computer Science, Software Engineering, or Computer Engineering from an accredited college or university and 6 years of experience in the degree fields

+ OR Global Information Assurance Certification (GIAC), Certified Forensics Analyst (GCFA) Certification or GIAC, Certified Intrusion Analyst (GCIA) Certification with 10 years of experience in both Host analysis and Network analysis

+ OR 12 years of experience as a Threat Analyst with experience in both Host analysis and Network analysis

+ OR 12 years of experience in Offensive Cyber Operations as an Interactive Operator on-Network (ION) or Exploitation Analyst (EA)

Required Skills:

+ 2 years of experience as an instructor in threat analysis or 3 years of experience in a leadership position, with 4 or more direct reports, in an organization such as a Security Operations Center, a Cyber Emergency Response Team, a Cyber Protection Team/Blue Team or a Red Team/Cyber Mission Team

+ Demonstrated experience training and developing subordinates on foundational areas such as network and host analysis, JQR, Mission qualification, and KSA’s related to their assigned work role

+ Knowledge and working experience with Suricata, Snort, Yara, and Sigma, Elastic, Splunk, Sentinel, and other open source or government provided solutions

+ IAT Level III certification

Required Clearance:

+ TS/SCI with polygraph is required. Polygraph MUST be dated within the last five years

Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

REQNUMBER: 2511690

SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability