Detection Analyst / Watch Officer

McLean, VA

Job ID: 128233 Industry: Government


Candidate MUST HAVE a TS/SCI with Polygraph  security clearance in order to be considered. 

Job Description:

The contract provides Computer Network Defense and Analysis (CND) to the customer’ s network.   Because the customer allows their user community to access their personal email accounts while on site, there is a lot of spam hitting their network regularly.   This contract is responsible for the 24 x 7 x 365 protection of the customer’ s network from maliciously intended viruses and attacks on their network.   As part of this they are looking for two Intrusion Detection Systems (IDS) Cyber Security Analysts to come and join their team.

Day to day Responsibilities:

As the Detection Analyst /  Watch Officer, you will perform IDS.CND/SOC Analysis and administrative activities as part of an Intelligence Cyber Incident Response Team (CIRT) 24x7 cyber Watch Center. The candidate will coordinate and collaborate with Intelligence Community (IC) elements to maintain Common Situational Awareness (CSA) of network incidents and events for the community, Senior Director of National Intelligence (DNI) staff, and the IC Chief Information Officer (CIO). As a member of the CIRT contract team, the candidate will be expected to collaborate closely with internal units, Department of Defense (DoD), and other Federal/Civilian entities to ensure successful mission accomplishment with the intention of meeting   and exceeding the CIRT' s long-term goals.
  • Work an 8-hour shift on the CIRT Watch Floor
  • As required, brief senior leadership daily on emerging threats, high profile incidents, and upcoming events
  • Possess experience leading cyber, technical, or analytical teams
  • Conduct cyber intelligence link analysis utilizing open-source and classified research on emerging/trending threats and vulnerabilities
  • Collaborate between CIRT elements as necessary during incident detection and response stages
  • Respond promptly to all request for support whether telephonic, via e-mail or instant messenger
  • Create releasable finished intelligence products and reports for the IC as well as IC Senior Leadership
  • Maintain incident case management database for all reported incidents
  • Analyze incidents and events captured in the Case Management Database for trends, patterns, or actionable information
  • Review incidents and events captured in the Case Management Database after closure for investigative sufficiency and timeliness
  • Leverage existing business processes and where necessary define and document new repeatable business processes and procedures
  • Establish a baseline understanding of IC-wide network assets and capabilities through community outreach and persistent communication with IC elements.
  • Research external information on events, incidents, outages, threats, and technical vulnerabilities
  • Coordinate and disseminate the best course of action for the IC enterprise during cybersecurity events, incidents, outages, threats and technical vulnerabilities with IC-IRC fusion analysis team
  • Coordinate individual organizational actions to reduce overall shared risk to the IC Information Environment (IC IE)
  • Assess incidents to identify type of attack, estimate impact, and collect evidence
  • Recommend range of mitigation actions for decision making at the Action-Officer and Senior Leadership level
  • Maintain personnel accountability systems

Required Skills:
  • BS degree and  5+ years watch operations experience
  • Have demonstrated leadership qualities
  • Experience with Cyber Network Defense Analysis and CIRT
  • Experience in one or more of the following:
    • computer network penetration testing and techniques
    • computer evidence seizure, computer forensic analysis, and data recovery
    • computer intrusion analysis and incident response, intrusion detection
    • computer network surveillance/monitoring
    • network protocols, network devices, multiple operating systems, and secure architectures

Desired Skills:
  • Security+, CISSP, CASP or CEH

Job Type: Full Time 

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs: