Cyber Security Analyst Jobs in Washington, DC

Location: The requirement has been updated to work out of the College Park, Maryland office 2 - 3 days per week Shift Requirement: BlueVoyant's U.S. Commercial SOC operates on a four days on, three days off schedule. Analysts work one of the following options: Sundays-Wednesdays: with analysts operating either 6am-4pm 8am-6pm 10am-8pm 8pm-6am (night shift) Wednesdays-Saturdays: with analysts operating either 6am-4pm 8am-6pm 10am-8pm 8pm-6am (night shift) US Citizenship Required Summary BlueVoyant is looking for Security Operations Center (SOC) Analysts to defend our global customers from the constant fight against adversaries. You will be part of a fast-paced team that helps spot, defend, and remediate adversary activity to reduce the impact and dwell time of security incidents. As an L3 analyst, you are the ultimate technical expert and escalation point for analysts on your team. Your significant expertise in modern attacks, analysis of intrusion data, and knowledge of attack remediation ensures that attacks against our clients are handled with urgency, accuracy, and effective communication. You are the mentor for L1/L2 analysts, the trusted voice of customers, and the bane of adversaries. The experience you bring to the role provides a front-row voice to technology strategy, process improvements, and an advocate for analysts around the world. Key Responsibilities: As an L3 analyst the safety and security of your clients is your ultimate motivator and responsibility. You'll handle active intrusions and escalations from L1 and L2 analysts, and you know how to dive into client systems and logs to find attacker activity while tracing a labyrinth of domain registrations and ripping apart malware. When you say “it's bad” everyone jumps into action. Beyond technical expertise, you understand that the burden of proof is on you and requires excellent documentation and communication. Clients are not left with more questions than they started with when they read your reports and know exactly what actions they need to take to kick bad guys to the curb. Monitor and analyze security events and alerts from multiple sources, including SIEM logs, endpoint logs, and EDR telemetry Research indicators and activities to determine reputation and suspicious attributes Perform analysis of malware, attacker network infrastructure, and forensic artifacts Execute complex investigations and handle incident declaration Perform live response analysis of compromised endpoints Hunt for suspicious activity based on anomalous activity and curated intelligence Participate in the response, investigation, and resolution of security incidents. Provide incident investigation, handling, response, and incident documentation Engage and assist the BlueVoyant Incident Response teams for active intrusions Ensure events are properly identified, analyzed, and escalated to incidents. Assist in the advancement of security policies, procedures, and automation Serve as the technical escalation point and mentor for lower-level analysts Regularly communicate with clients to inform them of incidents and aid in remediation Basic Qualifications People Skills: Ability to handle high pressure situations in a productive and professional manner. Ability to work directly with customers to understand requirements for and feedback on security services Advanced written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team Able and willing to work in a 24/7/365 environment, including nights and weekends, on a rotating shift schedule Tech Skills: Knowledge and experience with SIEM solutions, Cloud App Security tools, and EDR Advanced knowledge and understanding of network protocols and network telemetry Forensic artifact and analysis knowledge of Windows and Unix systems Expertise in Endpoint, Web, and Authentication log analysis Experience with SIEM/EDR detection creation Experience in responding to modern authentication attacks against AD, Entra, OATH, etc. Expert knowledge of common attack paths, including LOLbin use, common adversary tools, business email compromises, AiTM attacks, including identification and response Strong knowledge of the following: SIEM workflows (preferably Sentinel and Splunk) Modern authentication systems and attacks (SSO, OATH, Entra, etc.) Malware Detection, to include dynamic and light static analysis Network Monitoring metadata (web logs, firewall logs, WAF/IDS) Email Security and common business email compromise attacks Windows and Unix forensic artifacts (i.e. registry analysis, wtmp/btmp) Windows PE and Maldoc analysis Remote access solutions (both legitimate and inherently malicious) Lateral movement methodologies and tools for Windows & Unix-based OSes O365 attack paths, common attacker methodologies, and analysis Network metadata analysis and knowledge of commonly abused protocols Expert knowledge of credential harvesting tools and methodologies Experience countering ransomware threat actors / operations preferred Preferred Qualifications Experience intrusion analysis / incident response, digital forensics, penetration testing, or related areas 5+ years of hands-on SOC/TOC/NOC experience GCIA and GCIH required. GCFA, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred Familiarity with technologies such as Sentinel, Splunk, Microsoft Defender suites, Crowdstrike Falcon, SentinelOne Familiarity with GPO, Landesk, or other IT Infrastructure tools Understanding and/or experience with one or more of the following programming languages: JavaScript, Python, Lua, Ruby, GoLang, Rust Education Minimum bachelor's degree in Information Security, Computer Science, or other IT-related field or equivalent experience About BlueVoyant At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability! Led by CEO, Jim Rosenthal, BlueVoyant's highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies. Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America. All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company's federal contracts, U.S. citizenship is required. Accordingly, an employee's ability to perform work on such contracts is contingent upon the company's verification of the employee's citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.

hackajob has partnered with a forward-thinking tech-driven business that prioritizes innovation in its digital solutions and leverages extensive industry data to drive impactful results. Role: Senior Security Analyst Salary: Competitive Salary + Benefits Requirements / Qualifications: U.S. Citizenship with the ability to obtain a Public Trust clearance 8+ years of Information Assurance (IA) experience (or 6+ years with a security certification like CISSP) 3+ years in a leadership role Strong data analysis and communication skills Expertise in ATO and Risk Management Framework Experience with GRC tools such as Xacta, RSA Archer, CSAM, or eMASS Ability to manage multiple tasks and deadlines effectively Preferred: Advanced cybersecurity certifications (CompTIA CISM, ISC2 CISSP) and experience with NIST 800-53 Rev 5 hackajob is a recruitment platform that will match you with relevant roles based on your preferences, and to be matched with these roles, you need to create an account with us. This role requires you to be based in the US.

MUST HAVES: 5+ years in general technical cybersecurity experience. 3+ years' experience in detection engineering, threat hunting, or incident response. Experience in operationalizing cyber threat intelligence into high-fidelity detection logic. Experience in systematically developing detection logic and adversarial TTP testing against said logic following formalized detection engineering lifecycle. Highly proficient in analyzing logs from various sources, such as endpoints, applications, network appliances, and cloud environments. Strong technical understanding of cybersecurity fundamentals at the network, protocol, and host levels. Experience with MITRE ATT&CK and/or D3FEND frameworks. Strong experience with SIEM platforms. Ability to proactively and systematically hunt for threats using investigative tools, techniques, and user behavior analysis. Offensive security experience - conducting red team operations and/or penetration tests. DevOps experience and/or building/maintaining cloud environments using infrastructure as code. Strong ability to translate cyber and technical issues and topics into risk-informed business language.

Education: Bachelor's degree in computer science, information technology, cybersecurity, or a related field. Advanced degrees or certifications such as CISSP, CISM, or CISA are preferred. General Experience: • Minimum of 5 years' experience in cyber security. • Analytical and problem-solving skills, with the ability to analyze complex security issues and develop effective solutions. Specialized Experience: • Specific experience in engineering and implementing cyber solutions. • Experience working in cross functional teams as a cyber engineer. • Experience leading solution assessment and requirements development and alignment. Preferred Qualifications: • Graduate degree or certifications such as CISSP, CISM, or CISA • Experience as a cyber engineer supporting Endpoint Managed Detection and Response (MDR), Firewall, (P) DNS, SSL, CDN, and other core cyber services. • Excellent communication and collaboration skills, with the ability to effectively communicate technical concepts. • Project management skills, with experience in planning, scheduling, and monitoring the delivery of cybersecurity services.

Hello, Andy Here from Infojini. Hope you are doing well !! We are looking for a 2-Cyber Security Consultants for our DIRECT client in Crownsville, Maryland. It is a 12+ month contract position with more extensions. Please send me your resume along with the rate expectation to me or call me at me on my number **************. Below is the job description for the position. Job Title - 2- Cyber Security Consultants Location - Crownsville, Maryland, 21032 Duration - 12+ Months Client - Direct Client Hybrid Position - 2-3 days onsite Must need travel within Baltimore State Local Candidates preferred Max rate for C2C: $69/hr. and w2 is $62/hr. As a Subject Matter Expert/Local Cybersecurity Consultant, your mission is to enhance cybersecurity resilience across local units of government. Core responsibilities include: Education: Bachelor's degree in computer science, Information Technology, or a related field.(Years of demonstrated experience will be considered in lieu of a bachelor's degree). Specialized Experience: • Proven experience of at least five (5) years as a Cyber Security Engineer, Cyber Manager, Cyber Analyst, or similar role in cybersecurity. • Knowledge of cybersecurity solutions and other common security technologies. • Experience performing security maturity and system assessments in alignment with NIST Cybersecurity Framework along with preparing respective assessment reports. • Experience remediating risk and vulnerabilities through the implementation of applying solutions that align with cybersecurity best practices. Skills and Requirements: • Excellent problem-solving skills and attention to detail. • Experience working with and presenting to senior leadership and executives. • Strong communication skills to communicate with a diverse range of stakeholders and effectively report findings. • Ability to travel to jurisdictions within Maryland. • Graduate degree in cybersecurity or related area of expertise. • Experience with NIST CSF. • Preference for candidates with relevant professional certifications. Duties/Responsibilities: Assessment and Analysis: • Conduct comprehensive assessments of local networks, cybersecurity architecture, tools, policies, and plans. • Identify vulnerabilities and gaps in existing security measures. • Analyze risk factors and prioritize areas for improvement. Remediation and Enhancement: • Collaborate with stakeholders to remediate vulnerabilities and strengthen security posture. • Draft and refine cybersecurity policies, best practices, and implementation plans. • Recommend effective security solutions tailored to each local unit of government's needs. Training and Capacity Building: • Provide training on cybersecurity topics • Foster knowledge sharing and skill development within organizations. Reporting and Risk Assessment: • Prepare detailed reports for leadership, highlighting findings, risks, and recommended actions including prioritization of recommendations. • Translate technical assessments into actionable insights for decision-makers. •Advise on strategic paths forward to mitigate risks effectively. Collaboration and Communication: • Establish strong relationships with stakeholders, including government agencies and organizations. • Facilitate communication between technical experts and leadership. • Act as a bridge, ensuring alignment between technical requirements and organizational goals.

The Software Security Developer has the overall responsibility to developing software applications, services, and systems (e.g., user-facing and back-end services). Manage source code using industry version control best practices. Research new techniques and technologies to stay current in software development methodologies and tools. Utilize code validation tools to ensure that source code is valid, is properly structured, meets industry standards, is secure, and is compatible with browsers, devices, or operating systems. Collaborate with stakeholders to define needs and/or specifications and develop proposed solutions. Test and integrate developed software applications into the operational baseline. Perform test driven development utilizing strong unit testing techniques to include test cases mimicking external interfaces and addressing all browser and device types. Modify or enhance existing software to correct errors, to adapt it to new hardware, or to upgrade interfaces and improve performance. Create technical models, architectural artifacts, and/or prototypes that include physical, interface, logical, or data models (e.g., model view controller (MVC) programming practices). Share actionable/valuable information with colleagues and leadership and engage with community as resident expert. Prepare reports and consult with customers or other stakeholders to advise on technical issues, provide operational support, respond to questions, and offer status updates. Develop DevOpsSec (CI/CD) pipelines and incorporate security protocols while deploying infrastructure as code (IaC). Required Skills/Experience: Bachelor's degree in science, technology, engineering, and math (STEM) field and nine (9) years IT security (Cybersecurity) experience; OR No Bachelor's Degree with eleven (11) or more years of IT security (Cybersecurity) experience Desired Skills/Experience: • Experience can be considered in lieu of degree. • Certified Application Security Engineer (CASE) Certification or Certified Secure Software Lifecycle Professional (CSSLP) Certification. • Certified Ethical Hacker (CEH) Certification or Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP). • AWS Certified Solutions Architect Professional or AWS Certified DevOps Engineer Professional. • Experience with DevOpsSec pipeline tools including configuration management, requirements (e.g. JIRA), automated testing, automated deployments, blue green deployments, and branching strategy and implementation. • Experience in cloud computing including concepts, capabilities, and applications as they relate to storage, processing, and dissemination and overall security. • Demonstrated experience working with multi-disciplinary teams to fulfill stakeholder requirements. • Professional experience using a programming language such as Java, Python, JavaScript, or equivalent to build and design complex software applications. • Professional experience designing, developing, testing, and deploying software to include full stack web-based applications using industry standard DevOps tools. • Experience in applying agile development methodologies to develop software. • Experience building web application programming interfaces (API) using standards

Hi We are looking for a Security Engineer - T3 for a 12+ month project in Herndon, VA. Only US Citizens Start Date : April 20th 2025 Key Responsibilities: · Security Management: o Develop and implement security policies, protocols, and procedures for cloud environments. o Monitor cloud infrastructure and applications for security breaches and respond promptly to incidents. o Conduct regular security assessments, vulnerability scans, and penetration testing. · Compliance and Risk Management: o Ensure compliance with industry standards, legal requirements, and organizational policies (e.g., GDPR, HIPAA, PCI-DSS). o Identify and assess security risks, developing strategies to mitigate them. o Prepare and maintain documentation related to security practices and compliance efforts. · Collaboration and Communication: o Work closely with IT, DevOps, and Development teams to ensure security is integrated into all stages of the software development lifecycle. o Provide security training and awareness programs for employees. o Liaise with external partners and vendors to assess the security posture of third-party services and products. · Incident Response: o Develop and maintain an incident response plan to manage security incidents effectively. o Investigate and document security breaches, providing detailed reports and recommendations for prevention. o Participate in disaster recovery planning and testing. · Continuous Improvement: o Stay current with emerging security trends, threats, and technologies. o Propose improvements to security architecture, tools, and processes. o Evaluate and implement security solutions that enhance the organization's security posture. Qualifications: · Education and Experience: o Bachelor's degree in Computer Science, Information Security, or a related field. o Minimum of 3-5 years of experience in cloud security, cybersecurity, or a related role. · Technical Skills: o Strong understanding of cloud platforms such as AWS, Azure, or Google Cloud. o Experience with security tools and technologies (e.g., firewalls, IDS/IPS, SIEM). o Knowledge of scripting and automation tools for security tasks. o Familiarity with regulatory frameworks and compliance standards. · Certifications: o Relevant security certifications such as CISSP, CISM, CEH, or AWS Certified Security - Specialty are preferred. Thanks Guru Yash Technologies Inc ************ **************

You've stumbled upon the rare BCorp government contractor! At TCG, we aim to prove that businesses can be good to their employees and responsible to their community while being profitable. We're an award-winning IT solutions provider to the Federal government seeking a Senior Security Engineer to join our team. US Citizenship is required for this role. In addition, the selected applicant must submit to a government background investigation and be favorably adjudicated before their first day. This position is primarily remote but will require occasional in-person meetings. The selected applicant must live within commuting distance of Washington, D.C. RESPONSIBILITIES: Perform security reviews of all application code before deploying to production environment and provide the results of the review to the MAX.gov ISSO. Monitor existing COTS products and Open Source tools and products for new security vulnerabilities or patches. Assess risks from identified security vulnerabilities and provide expert recommendations on mitigations. Review software and hardware architectures for security implementations, assessing and reporting risks of these designs. Daily monitor systems for active attacks and break-ins, ensuring reporting and tuning these monitoring systems. User profiling and analysis, reporting and active defense using Fortinet and OSS technologies. Monitor and tune system configurations to improve performance and address errors. Support development teams in implementing application-specific monitoring for availability and functionality. Mentor team members on new and advanced techniques and technologies. Ensure monitoring and defense against APTs. Fortinet WAF and firewall administration and maintenance. Clean up data spills and attend briefings on current security threats. Manage Blue and Red team assessments, running practice scenarios. Review and add defense in depth techniques to existing security profiles. REQUIRED SKILLS: A minimum of 8 years of relevant security and technical experience. Independent problem-solving skills, strong analytical abilities, creativity, and a clear appreciation of end customer needs. Demonstrated ability with advanced code assessment tools and reviewing their results for both dynamic and static scans (OWASP, SANS, CIS, etc). Experience with programming in some combination of Java/Perl/PHP/C/C++/Go/Ruby/Python. Working knowledge of web protocols (including lower layers, packet disassembly, routing, switching), ability to perform diagnostics, and knowledge of security best practices. Experience with compliance controls and security hardening for a US Government computer system at the FISMA Moderate or High levels. Advanced automation skills in Bash shell scripting, Python, curl, etc. Multiple years of cross-domain experience in IT domains such as network administration, database administration, or software development. Ability to create system documentation for ongoing system management. Demonstrated ability to communicate effectively, both orally and in writing. Demonstrated ability to learn new technologies and skills. Must be skilled at planning and organizing. Must be adept at prioritizing, problem assessment, and problem-solving. Must demonstrate attention to detail and accuracy. Must have a strong customer service orientation. Must be flexible and adaptable. Ability to work directly with clients at all levels of an organization, including high-level internal and external stakeholders. PREFERRED SKILLS: Offensive Security Certified Professional (OSCP) certification. Troubleshooting, debugging, and diagnostic skills in a complex IT environment. Familiarity with at least one Continuous Integration/Continuous Delivery (CI/CD) mechanism. System administration experience building, configuring, and assessing Windows/RHEL/Ubuntu/Containers. Working knowledge of various security-focused enterprise toolsets. Experience with COTS product installation, integration & support. Experience with CSS and graphing libraries. Fortinet Firewall Administration and maintenance. Experience with information gathering and information monitoring, working knowledge of Risk Management Framework (RMF). Ability to create system documentation for ongoing system management. Experience in an Agile/Scrum development environment. Proficiency with MS Excel, MS Word, and other MS Office applications. EDUCATION: Bachelor's degree preferred, preferably in Computer Science, Information Technology, or a related field. Experience may be substituted in absence of a degree. TCG does not discriminate based on race, sex, color, religion, national origin, age, disability, caste, or veteran status. Our BCorp mission is reflected in our benefits, including offerings like health care, 401K, parental leave, adoption assistance, financial planning services, student loan repayment assistance, and training budget. There's more, see for yourself. TCG is recognized for treating employees well; in fact, in 2024 The Washington Post named TCG as a “Top Workplace” for the tenth straight year based on how our employees feel about the company, the benefits TCG offers, and the work/life balance that our staff achieves. Our CEO was ranked best, by TCG employees' votes, among all midsize companies in the Washington Post Top Workplace survey. Internal title/grade: System Engineer, E4 Salary Range: $125,000 - $150,000 #J-18808-Ljbffr

Job Title: Offensive Security Lead Responsibilities: Lead purple team activities in collaboration with threat management and defensive blue teams, including adversary emulation and validation of detective, defensive, and vulnerability controls. Plan and oversee external red team engagements with external partners. Oversee and mentor other offensive security team members, sharing knowledge with all members of the security team. Oversee all internal penetration testing efforts as both a player and a coach to other penetration testing engineers, covering penetration testing of all critical infrastructure (e.g., CI/CD systems, Active Directory). Basic Qualifications: Bachelor's Degree from an accredited university or college (preferably in a relevant field such as Computer Science or Cyber Security). A track record of commitment to prior employers. 3 years of experience performing offensive security activities such as red teaming, penetration testing, and vulnerability research. 6 years of total experience in a technical role such as security, networking, systems, or software development. Security certification such as OSEP, OSCP, CRTO, GXPN, or similar. Scripting/programming skills (Bash, Python, PowerShell). Experience planning and executing Red Team and Purple Team scenarios. Preferred Qualifications and Skills: Proficiency with security tools like NMAP, Burp Suite, Kali Linux, Bloodhound, and similar tools. Experience with C2 frameworks like Cobalt Strike, Sliver, and Mythic. Knowledge of Windows Active Directory exploitation tools and techniques. Understanding of payload and exploit development (C/C#/C++). Understanding of EDR systems and how to evade them. Additional Responsibilities: Evolve offensive security capabilities to test internal and external facing processes, infrastructure, and applications. Develop test plans to validate identified vulnerabilities and demonstrate their exploitation. Explain exploits to senior-level management. Stay current with trends, techniques, and tools used by adversaries. #J-18808-Ljbffr

CVP seeks an experienced Senior Security/Cloud Engineer to join our growing team. The professional in this role will apply their expertise in security and cloud engineering to dramatically improve IT and business capabilities, resiliency, agility, and operational effectiveness. Responsibilities Envision and tailor a Zero-Trust technology modernization strategy, architecture (ZTA) and approach to implementation a sustainable ZTA solution for the IT enterprise. Drive ZTA adoption and innovation across the organization through strategic integration of technologies, methodologies, and tools in alignment with Target Architecture and business needs. Facilitate design and collaboration workshops and technical interchanges with functional and technical experts to establish new technology platforms, integration frameworks, and technology standards that will modernize and harmonize hundreds of systems. Leverage systems engineering design, systems integration, software development, multi-cloud architecture and implementation expertise to lead thoughtful designs of integrated IAM, TIC 3.0, ZTA, SDN and Multi-Cloud technical solutions. Able to effectively communicate and work across the enterprise with business executives, technology leadership and various IT teams to define key initiatives and manage their execution. Able to collaborate well with senior staff to define the technology vision for the organization. Interpret, rationalize, and reconcile conflicting client guidance in the interest of advancing capabilities, mitigating risk, and adapting to client culture. Act as Subject Matter Expert developing technical controls and guardrails. Qualifications Must be eligible to obtain a Public Trust clearance. CISSP & Cloud certification. 10+ years of implementation/consulting experience with Security, Compliance, and Risk Management including a mix of hands-on engineering work along with compliance and oversight. Expert knowledge and implementation experience of information security principles, policy enforcement, operating systems, web applications, and a high-level of familiarity with malicious code uses, OWASP Top 10, and common techniques used by hackers. Experience with managing the security implications of cloud migrations. Experience designing security postures for Cloud native applications. Experience in the design and implementation of security controls. Experience with technical audit activity to ensure compliance with security policies and other industry standards (e.g., NIST, ITSG-33, SOC1/SOC2). Hands-on experience with secure networking design concepts, services such as DNS, HTTPS, and TLS, as well as securing software-defined systems. Experience building Security documentation packages and leading organizations through Security compliance processes, accreditation, and/or Authority to Operate lifecycles. Ability to provide thought leadership and help define strategic and tactical vision to improve mission efficiency and effectiveness. Ability to support the development and compliance of high-level system architectures, continue development of reference architecture documentation, and develop innovative, sustainable data architecture approaches. Ability to identify next generation concepts and lead research and prototyping efforts to evaluate new technologies, tools, and processes. NIH experience. Desired Deep knowledge across multiple EA Domains such as cloud/infrastructure, applications, security, and governance. Experience with agile delivery methodology such as Scaled Agile Framework (SAFe). About CVP CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation. #J-18808-Ljbffr

Responsibilities Peraton is currently seeking a Cyber Incident Response Analyst ll to support a government Cyber Security Operation Center (CSOC). The program provides comprehensive Computer Network Defense and Incident Response support monitoring and analysis of potential threat activity targeting the enterprise. The Incident Response Analyst will conduct security event monitoring, advanced analytics, and response activities in support of the CND operational mission. We are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Position Description: Perform technical analysis on a wide range of cybersecurity issues, with a focus on network activity, host activity, and data. This includes, but is not limited to: network flow (i.e. netflow) or related forms of session summary data, signature-based IDS/IPS alert/event data, full packet capture (PCAP) data, proxy and application server logs (various types). Triage IDS/IPS alerts, collect related data from various systems, review open and closed source information on related threats & vulnerabilities, diagnose observed activity for likelihood of system infection, compromise or unintended/high-risk exposure. Prepare analysis reports detailing background, observables, analysis process & criteria, and conclusions. Analyze large volumes of network flow data for specific patterns/characteristics or general anomalies, to trend network activity and to correlate flow data with other types of data or reporting regarding enterprise-wide network activity. Leverage lightweight programming/scripting skills to automate data-parsing and simple analytics. Document key event details and analytic findings in analysis reports and incident management systems. Identify, extract and characterize network indicators from cyber threat intelligence sources, incident reporting and published technical advisories/bulletins. Assess cyber indicators/observables for technical relevance, accuracy, and potential value/risk/reliability in monitoring systems. Recommend detection and prevention/mitigation signatures and actions as part of a layered defensive strategy leveraging multiple capabilities and data types. Develop IDS/IPS signatures, test and tune signature syntax, deploy signatures to operational sensors, and monitor and tune signature and sensor performance. Fuse open-source threat & vulnerability information with data collected from sensors across the enterprise into cohesive and comprehensive analysis. Develop security metrics and trend analysis reports. Qualifications Required: BS with 2+ Years of relevant experience, MS with 0 Years; additional relevant experience may be considered in lieu of a degree Active TS/SCI clearance is required Bachelor's degree in Computer Science, Information Systems, or equivalent education or work experience (additional relevant work experience can be substituted for a degree) Must have a current DoD 8570.1-M IAT Level II certification Desired Skills: Desired Certifications: CEH, GCIH, GCIA, GCFA 1+ years in a SOC or Incident Response role Experience with Cisco Firepower, Cisco Sourcefire, Cisco Advanced Malware Protection, Cisco Stealthwatch, Cisco Umbrella Experience with deploying and writing signatures (Snort, YARA, HIPS) Experience with network hunting utilizing Zeek/Bro Experience with McAfee ePO, HBSS Splunk: Create log searches, dashboards, setting up alerts, and scheduled reports to help detect and remediate security concerns. Experience with ArcSight Experience with Wireshark and packet analysis Experience with Tanium or other endpoint solutions Working knowledge of scripting languages such as Python, PowerShell, Shell Knowledge of Regular Expressions Knowledge of server and client operating systems Participate in development and reporting of security metrics Experience in a SOC or Incident Response role Benefits: Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and participation in an attractive bonus plan. Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure. Target Salary Range $104,000 - $166,000. This represents the typical salary range for this position based on experience and other factors. EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Cyberspace Solutions, a Crimson Phoenix company seeks an exceptionally qualified Mid Cyber Analyst with a TS/SCI clearance to support an ongoing government customer. Crimson Phoenix supports the US national security community and its allies with a wide range of analytic and cyber effect solutions that accelerate informed decision made in the telephony, IP messaging, cyber, and multi-source arenas. Our customers require insight from the endless volume and variety of data to make critical, high integrity decisions at mission speed. We are an innovative solutions company striving to be a global leader in multi-source data collection, predictive analysis and mobile/network surveillance (4G/5G) and assurance, from the Edge of Collection to the Core of Exploitation, Tactical to Strategic, Endpoint to the Enterprise. Responsibilities The contractor shall provide on-site functional and technical intelligence support to the DIA Intelligence Integration Centers including the collection, analysis, and production of all-source intelligence pertaining to foreign national Cyber MILCAP and foreign use of the Cyberspace Domain in compliance with DIA's SOP for the Cyber FPA, DIA ADO, ICD 203 and 206 sourcing, analysis, production, and DIA tradecraft standards. Qualifications Clearance: Top Secret//SCI Polygraph: Counterintelligence (CI) polygraph HS Diploma or GED and 7+ years of experience with analysis or Bachelor's degree and 3+ years of experience with analysis Experience with all-source intelligence analysis and production on foreign national cyber military capabilities and foreign use of cyberspace, including but not limited to doctrine, intent, operations, supporting services and infrastructure, and vulnerabilities Ability to develop high-quality deliverables tailored to senior policymakers or defense stakeholders, including complex written products and formal or informal briefings Preferred Qualifications: Experience with authoring current DoD product lines and utilizing ICD 203 tradecraft standards Experience with producing vector map products and conducting network analysis using geo enabled processes Experience with data analytics, analysis, and visualization Knowledge of the intelligence cycle Knowledge of one of the following AORs: the Americas, the Asia-Pacific, Eurasia, or the Middle East Equal employment opportunity employer: All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Crimson Phoenix is committed to providing veteran employment opportunities to our service men and women.

Overview/ Job Responsibilities Sev1Tech is looking for a Cloud Operations Analyst to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks including but not limited to: Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; Field Engineering technical support; and Cloud operations. Specifically, we're seeking a Cloud Operations Analyst to provide Cloud, Platform, and System Operations Services to the Department of Homeland Security (DHS). Responsibilities include but are not limited to: Manage, optimize, and troubleshoot issues for DHS's cloud compute, storage, and application hosting platforms, and for all other platforms, systems, and applications that comprise the HSEN, including troubleshooting of connectivity, latency, degraded performance, or unavailability issues Monitor and analyze cloud computing statistics and systems using CSP statistical feeds (e.g., Amazon Web Services; Microsoft Azure) and monitoring tool alert captures (e.g., Dynatrace) to determine possible points of failure and work with both IT Operations Cloud Computing Tier 2 Team, OCIO Solution Development Directorate (SDD) Cloud Tier 3 Teams, and other stakeholders, and recommend modifications to cloud-based environments and configurations to avoid or re-mediate unscheduled outages Conduct real-time (when possible, based on tools) monitoring and triaging of security alerts from SIEM, System, Network Appliance (Firewalls, IDS, etc.), Cloud Service (AWS, Azure, IBM, etc.), email (Microsoft Office 365,), and Endpoint (including Endpoint Detection and Response Solutions (EDR)) systems Monitor voice (phone) and electronic (email) and other sources designated by the Government for notification of network and cloud incidents, outages, and service degradations involving network services, CSP environments, Mission Essential Systems (MES) hosted in data centers and cloud environments, or DHS Component entities Minimum Qualifications BA or BS degree, or at least three (3) years IT work experience in federal government contracting Three (3) or more years of experience as a Cloud Analyst Experience monitoring networks, applications, and platforms in the cloud and on-prem including data centers Cloud operations experience with systems and data hosted in Microsoft and AWS environments Experience analyzing alerts and data from cloud native and other infrastructure and application monitoring tools Strong quantitative and qualitative data analysis skills Strong problem-solving and troubleshooting capabilities, with the ability to pinpoint root causes Track record of recommending alternative solutions to avoid unplanned outages and re-mediate them with a sense of urgency Ability to triage and efficiently escalate network and security issues, events, and problems Effective communication and collaboration skills, working with Tier 3 personnel, other contractor teams, IT customers, and vendors Clearance Requirement: Public Trust clearance or higher; Public Trust clearance with Dept of Homeland Security (DHS) or Customs & Border Protection preferred Desired Qualifications CSP Certification DHS experience About Sev1Tech LLC Welcome to Sev1Tech! Founded in 2010, we are proud to be a leading provider of IT modernization, engineering, and program management solutions. Our commitment is to deliver exceptional program and IT support services that empower critical missions for both Federal and Commercial clients. At Sev1Tech, our mission is clear: Build better companies. Enable better government. Protect our nation. Build better humans across the country. We believe that through innovation and dedication, we can make a significant impact on the communities we serve. Join the Sev1Tech family, where your potential for greatness is limitless! Here, you will not only achieve remarkable accomplishments but also enjoy a fulfilling and rewarding career progression. We invite you to explore opportunities with us and become part of a team that values your contributions and growth. Ready to take the next step? Apply directly through our website: Sev1Tech Careers and use the hashtag #join Sev1Tech to connect with us on social media! For any additional questions or to submit referrals, feel free to reach out to ***********************.

Cyber Security Analyst with TS/SCI Clearance and Polygraph We are actively seeking a skilled and dedicated Cyber Security Analyst with an active TS/SCI clearance and polygraph to join our dynamic team. As a Cyber Security Analyst, you will play a vital role in coordinating and enhancing the cybersecurity efforts of our organization, working alongside internal teams and external partners to protect critical systems and data. Key Responsibilities: Cybersecurity Coordination: Collaborate with internal cybersecurity personnel and external partners to track, task, and monitor cybersecurity issues, status, and activities at the office level. Timely Reporting: Report critical action items and findings to relevant stakeholders in a time-sensitive manner. Continuous Improvement: Identify, advocate for, and implement activities aimed at enhancing the cybersecurity posture of the systems supported by our organization. Dashboard Monitoring: Monitor and provide requirements for cybersecurity dashboards to ensure real-time visibility into the security of our IT systems. Vulnerability Oversight: Validate and oversee vulnerability scanning across all IT systems supported by our office. Actionable Findings: Present and track actionable findings to improve the vulnerability status of office systems. Risk Categorization: Categorize levels of risk associated with the enterprise, helping prioritize security efforts. Collaboration: Collaborate with product owners and development support teams to address cybersecurity issues and contribute to the strategic direction of our products. Mitigation Solutions: Identify cybersecurity system issues and propose effective mitigation solutions. Required Education & Experience: Must possess an active TS/SCI clearance with polygraph. Demonstrated experience in information systems security engineering. Demonstrated experience in the development and support of IT systems. Strong background in cybersecurity. Proficiency in analyzing results from vulnerability scanning tools. Experience in identifying and tracking the resolution of cybersecurity issues in IT systems. Preferred Skills: Demonstrated experience working directly with Front Office or Executive level staff and customers. CISSP (Certified Information Systems Security Professional) certification. Familiarity with the Sponsor's cybersecurity Assessment & Authorization process.

Cyberspace Solutions, a Crimson Phoenix company seeks an exceptionally qualified Mid Cyber Analyst with a TS/SCI clearance to support an ongoing government customer. Crimson Phoenix supports the US national security community and its allies with a wide range of analytic and cyber effect solutions that accelerate informed decision made in the telephony, IP messaging, cyber, and multi-source arenas. Our customers require insight from the endless volume and variety of data to make critical, high integrity decisions at mission speed. We are an innovative solutions company striving to be a global leader in multi-source data collection, predictive analysis and mobile/network surveillance (4G/5G) and assurance, from the Edge of Collection to the Core of Exploitation, Tactical to Strategic, Endpoint to the Enterprise. Responsibilities The contractor shall provide on-site functional and technical intelligence support to the DIA Intelligence Integration Centers including the collection, analysis, and production of all-source intelligence pertaining to foreign national Cyber MILCAP and foreign use of the Cyberspace Domain in compliance with DIA's SOP for the Cyber FPA, DIA ADO, ICD 203 and 206 sourcing, analysis, production, and DIA tradecraft standards. Qualifications Clearance: Top Secret//SCI Polygraph: Counterintelligence (CI) polygraph HS Diploma or GED and 7+ years of experience with analysis or Bachelor's degree and 3+ years of experience with analysis Experience with all-source intelligence analysis and production on foreign national cyber military capabilities and foreign use of cyberspace, including but not limited to doctrine, intent, operations, supporting services and infrastructure, and vulnerabilities Ability to develop high-quality deliverables tailored to senior policymakers or defense stakeholders, including complex written products and formal or informal briefings Preferred Qualifications: Experience with authoring current DoD product lines and utilizing ICD 203 tradecraft standards Experience with producing vector map products and conducting network analysis using geo enabled processes Experience with data analytics, analysis, and visualization Knowledge of the intelligence cycle Knowledge of one of the following AORs: the Americas, the Asia-Pacific, Eurasia, or the Middle East Equal employment opportunity employer: All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Crimson Phoenix is committed to providing veteran employment opportunities to our service men and women.

We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. Our delivery Offices are in Melbourne, Sydney, India, USA and UK. If you are looking for new opportunities, your profile at *************************** or contact us at +**********9 Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! **Position Summary:** The Vulnerability Analysis (VA) team is a global function responsible for the evaluation and prioritization of security vulnerabilities to enable appropriate remediation across the company. This individual contributor role will join a team of vulnerability analysts around the globe who support vulnerability management activities by leveraging analytic and technical skills to assess cyber security related risks. **Responsibilities include, but are not limited to:** + Analyze disclosed vulnerabilities, threat scenarios, and mitigating controls. + Research and evaluate threats and vulnerabilities to assist in prioritization of remediation actions. + Review and validate vulnerabilities using available data sources, tools and identifying new data sources as needed. + Collaborate with stakeholders on appropriate remediation & mitigation solutions. + Leverage creativity and influence to enhance the Vulnerability Analysis program. **Required Qualifications:** + 3+ years of experience in Cyber Security + Broad knowledge of information security principles + Understanding of Vulnerability Management principles and Risk Assessment methodologies + Knowledge of vulnerability attack methods, exploit results, attack chains + Knowledge of industry standard scoring models such as CVSS, CCSS + Process oriented with keen attention to detail + Ability to proactively anticipate problems and execute solutions + Strong work ethic and ability to effectively multi-task in a fast paced operational environment + Strong analytical and problem solving mindset + Effective communication skills + Highly motivated and willing to learn **Desired Qualifications:** + CISSP / CISM / Security+ Experience in cloud Vulnerability Management operations + Experience as a Vulnerability or Threat Analyst **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity and affirmative action, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. To view the "Know your Rights" poster, CLICK HERE (******************** . View the LA County Fair Chance Ordinance (************************************************************************************************** . Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE . This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Enhance the organization's cybersecurity posture by performing comprehensive risk assessments, improving incident response protocols, and ensuring compliance with industry standards. Requirements Monitor network traffic & security events to detect potential threats utilizing Splunk and SCOM. Conduct vulnerability scans and risk assessments utilizing Tenable and Nessus. Analyze logs utilizing Splunk, Panorama and Syslog to reconstruct timelines of security incidents. Engage other cybersecurity experts frequently to share relevant knowledge, opinions, and recommendations, working to fulfill deliverables as a team. Support and enhance incident response strategies and threat detection capabilities. Apply network operations knowledge to predict potential attack vectors. Recommend improvements for threat data collection to support cybersecurity and IT operations. Analyze large datasets to identify risks and communicate findings to decision-makers. Conduct requirements analysis, feasibility assessments, and develop change proposals for application solutions. Design technical solutions independently, participate as a member of a multidisciplinary team to analyze sponsor requirements and designs, and implement software and perform analyses to address these requirements. Manage multiple parallel tasks and priorities of customers and stakeholders to ensure deadlines are met Provide solutions requiring analysis and creative use of innovative methods to complex problems by collaborating with subject matter experts and program managers in one or more of the following areas: critical infrastructure and industrial control system cyber security, information security. Prepare documentation, including testing plans, implementation guides, and research records. Generate reports on security posture, incidents, and compliance. Manage security vendor relationships and ensure contractual compliance. Develop and give cybersecurity training to domestic and international partners Provide cybersecurity expertise as part of multi-disciplinary teams providing assessments of sites and facilities and consulting to DOE/NNSA's DNN Preferred familiarization with RSA Perform other duties as assigned Non-Negotiable Requirements: 1. Top Secret with investigation current within the last 5 years 2. On-site, no remote Technical Environment: Microsoft, Linux, Splunk, Ansible, Tenable, GEMS A notification to prospective applicants that reviews, and tests for the absence of any illegal drug as defined in 10 CFR 707.4, will be conducted by the employer and a background investigation by the Federal government may be required to obtain an access authorization prior to employment, and that subsequent reinvestigations may be required. If the position is covered by the Counterintelligence Evaluation Program regulations at 10 CFR part 709, the announcement should also alert applicants that successful completion of a counterintelligence evaluation may include a counterintelligence-scope polygraph examination. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

Artech Information Systems is the #12 Largest IT Staffing Company in the U.S. and an employer of choice for over 7,000 consultants. We recruit world-class talent for IT, engineering, and other professional jobs at 70+ Fortune and Global 500 companies coast-to-coast across the U.S., India, and China. We are one of the fastest-growing companies in the US and we welcome you to search the thousands of jobs in our cutting-edge GEM system for employment opportunities that fit your qualifications. At the forefront of the staffing industry, Artech is a minority and women-owned business enterprise (MWBE) committed to maximizing global workforce solutions on behalf of its clients. Artech's deep heritage, proven expertise and insightful market intelligence has secured long-term partnerships with Fortune 500 and government clients seeking world-class professional resources. Job Title: Information Security Operations Center - Incident Handler III Location: Washington, DC Duration: 12+ Months Job Description: Essential Job Functions: • Monitor Security Events from IDS, SIEM, etc. • Log tickets to the Ticketing System • Handle calls from the MSSP(Managed security service provider & users regarding incidents/events, perform triage, resolve problems, or escalate to team members • Perform triage on alerts from all sources including Monitored Email Distribution Lists • Participate in rotating weekly shift supporting off hours and weekend activity (24x7) • Produce ad hoc reports and other ad hoc tasks Qualifications Required Skills/Abilities: • Monitoring skills related to IDS and SIEM • Understanding of TCP/IP, Ethernet, OSI model, layer 2 and layer 3 concepts • Understanding of Windows Registry, File system, etc. • Hands-on knowledge of Network Packet Analysis using tools • Ability to work with team members with varying levels of technical skills and diverse international backgrounds • Strong understanding of Networking and Operating systems concepts • Ability to adapt to and function in a project environment with multiple timetables and changing priorities • Ability to learn new concepts and approaches in Analyzing Security Incidents. • Good communication skills (Verbal and Written) Educational Qualifications and Experience: • Education: Bachelor's degree in Computer Science or Information Systems • Role Specific Experience: 2+ years of relevant experience in Information Security Incident Handling • Experience with Firewalls and information security technologies • Experience with CERT/CSIRT/CIRT/SOC Certification Requirements: Any two certifications would be a plus. CEH, Security +, CCNA Response activities, including containment, remediation, and root cause analysis Bachelor's degree and 5+ years of information security experience Experience in malware remediation and containments Hands on experience of Incident Response /Malware analysis Essential Job Functions: § Perform advanced Malware Analysis, along with Incident Response § Generate detailed Malware Analysis reports on PE and other common file structure samples § Provide actionable intelligence and suggestions for control updates based on the reverse engineering and malware analysis § Assist OIS in Identifying zero-day/vulnerable applications and impact Experience Matrix for Levels: • Level I - 2+ years of experience • Level II - 5+ years of experience • Level III - 7+ years of experience Note: The specific shift he wants to get covered is the 12pm-8pm EST window Strong experience in SOC environment and great soft skills/customer service Required people who can come for an in-person interview Additional Information For more information, Please contact Siva Kumar ************