Systems Security Analyst​/Cyber Defense Analyst Security Clearance

Systems Security Analyst / Cyber Defense Analyst with Security Clearance

STRATEGOS (est. 2008) is a Service-Disabled Veteran-Owned Small Business (SDVOSB) that identifies and provides usable solutions (non-personnel support services, consulting, training, and engineering) to the US Government and its partners.

Strategos is seeking an engineering opportunity in support of the Naval War College (NWC) and its components as they relate to their mission of Professional Military Education, Joint Professional Military Education, helping the Chief of Naval Operations (CNO) define the future Navy, its missions and roles, support combat readiness, and strengthen maritime security cooperation.

Title:

Systems Security Analyst / Cyber Defense Analyst;

Location:

Newport, RI;
Status:
Exempt;
Clearance:
Top Secret/SCI;
Full Time:
Yes.

• Analysis, documentation and development of integration, testing, operations, and maintenance of system security.
• Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events from environments to mitigate threats.
• Apply defensive measures resulting from sources to identify, analyze, and report events from the enterprise network to protect information systems from threats.
• Coordinate threat and mitigation strategies across the enterprise.
• Coordinating, installing, and maintaining information security devices and services on EDU, SIPRNET, DMZ, and commercial ISP networks.
• Ensure compliance of information security devices, services, and capabilities within DOD Security and Information Assurance protection requirements.
• Provide information security services to implement, maintain and sustain all unclassified and classified information security support services.
• Setup, configure, modify, test, maintain, operate, and support information security tools.
• Operate ACAS for Information Assurance Vulnerability Alert (IAVA) management and scanning, McAfee HBSS, Corelight, and Cortex.
• IOT discovery, monitoring, SOAR orchestration, and SIEM event correlation and analysis.
• Cloud security systems for DLP, and Email and threat prevention/monitoring.
• Validate remediation of IT resources managed by departmental branches.
• Security incident reporting to Security Operations Center.
• Administration of firewalls, Intrusion Detection System, policy server, IAVA management, Defense Information Systems Agency, Host Based Security System, Secure Configuration Compliance Validation Initiative, and Secure Configuration Remediation Initiative tools.
• Virtual Private network management, penetration testing, forensics research and analysis, web content filter management, security incident reporting, and vulnerability scanning.
• Knowledge of cybersecurity principles, cyber threats and vulnerabilities.
• Analyze network alerts from enterprise sources determining causes of alerts.
• Security reviews, gap analysis and risk mitigation in security architecture.
• Intrusion Detection System / Intrusion Prevention System tools and applications.
• Cloud computing deployment models in private, public, and hybrid on/off prem environment.
• Information technology security principles and methods (e.g., firewalls, DMZ, encryption).
• Network protocols TCP/IP, Dynamic Host Configuration, and Domain Name System.
• Network traffic flows Transmission Control Protocol, Internet Protocol, Open System Interconnection Model, and Information Technology Infrastructure Library.
• Common attack vectors and classes of attacks (passive, active, insider, close-in, distribution).
• Packet-level analysis and collecting data from a variety of cyber defense resources.

• BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution.
• Certified Ethical Hacker (CEH).
• CompTIA Cloud+.
• CompTIA Pen Test+.
• CompTIA Security+.
• Cisco Certified Cyber Ops Associate.
• CompTIA Cybersecurity Analyst (CySA+).
• Cyber Sec First Responder (CFR).
• Federal IT Security Professional-Operator-NG (FITSP-O).
• GIAC Certified Enterprise Defender (GCED), Foundational Cybersecurity Technologies (GFACT), Information Security Fundamentals (GISF), Certified Forensics Analyst (GCFA), Certified Intrusion Analyst (GCIA), Defensible Security Architecture (GDSA), Global Industrial Cyber Security Professional (GICSP), Security Essentials Certification (GSEC).