USACares Jobs

Job Information

NANA Cyber Security Analyst - Emerging Threats - TS/SCI required in San Antonio, Texas

Cyber Security Analyst - Emerging Threats - TS/SCI required


RiverTech, an Akima Company, delivers mission support services in the areas of engineering, communications, training, operations and maintenance, intelligence, aviation, logistics, and space systems that protect and defend sea, land, air and space operations and their personnel. Providing the talent, tools, and technologies to ensure exceptional performance in today’s most demanding and strategically critical global environments. This is RiverTech. Our personnel enjoy competitive benefits packages and challenging roles in work environments committed to innovation, diversity and opportunity for career growth. As an Alaska Native Corporation (ANC), 100% of our company’s profits go back to our 14,300 Iñupiat shareholders that have resided near and above the Arctic Circle for more than 10,000 years. Our business helps support their way of life and contributes to the survival of a culture that has thrived in a challenging environment.

Job Summary:

The ability of the 33 NWS to complete its mission is dependent upon accurate, timely and thorough analysis of operational intelligence and cyber mission data. This data must also be archived for longterm analysis in order to contribute to the continued success of the unit. The scope of this task will include all duties required to assist the Defensive Cyberspace Analytical Support (Emerging Threats) and 33 NWS personnel perform their daily duties.


The candidate will analyze current and historical traffic entering the Air Force network using ArcSight, Centaur, 20Noesis, Splunk, ELK, Fidelis, Solera, Niksun, Wireshark and other available tools (commercial and government provided), including OSINT and other classified reporting databases. Conduct analysis to determine if the network traffic requires further investigation of the Air Force asset(s) in question. The ETA Analyst will, correlate various data points using historical network traffic, operational events,

reporting patterns, and other data to discern anomalies, patterns, or trends; perform post intrusion correlation to ensure current incidents are contained and have not spread to other Air Force Bases, networks or enclaves.

  • Present relevant findings to both technical and non‐technical audiences.

  • Produce and present topical high‐interest technical and operational intelligence briefings to all levels of command.

  • Provide OJT to other contractors, military, and/or civilian personnel and maintain continuity

  • Create and document metrics for reporting and analysis to improve weapon system processes and mission execution.

  • Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.


Minimum Qualifications:

  • 3 years (5 Desired): Formal Intelligence Analysis training and government/law enforcement experience preferred. Previous experience working with hunting tools and technologies.

  • Understanding of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP). Experience with open source Malware Analysis platforms (Assemblyline, Cuckoo, Malboxes).

  • Experience with one or more commercial Malware Analysis platforms (Joe Sandbox, VirusTotal, etc.) Experience submitting and formatting malware intelligence into a centralized platform (Splunk, MISP, ELK Stack)Mid‐level Linux security administration and knowledge to install and troubleshoot open source malware tools.

  • Ability to analyze shellcode for both Windows and Linux. Functional knowledge of scripting (python, javascript, powershell, visual basic).

  • Functional understanding of decoding and deobfuscating malware communications.

  • Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects).

The duties and responsibilities listed in this job description generally cover the nature and level of work being performed by individuals assigned to this position. This is not intended to be a complete list of all duties, responsibilities, and skills required. Subject to the terms of an applicable collective bargaining agreement, the company management reserves the right to modify, add, or remove duties and to assign other duties as may be necessary. We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.

We are an equal opportunity employer. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law.

We are committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you have a physical and/or mental disability and are interested in applying for employment and need special accommodations to use our website to apply for a position please contact, Recruiting Services at or 571-353-7053. Reasonable accommodation requests are considered on a case-by-case basis.

The dedicated email and telephonic options above are reserved only for individuals with disabilities needing accessibility assistance to apply to an open position using our website.

Please do not use the dedicated email or phone number above to inquire on the status of your job application.

In order for our company to stay compliant with government regulations, please apply on line. Please DO NOT email resumes or call in lieu of applying online unless you have a physical and/or mental disability and need assistance with the online application.

Job: Information Technology

Primary Location: US-TX-San Antonio

Shift: Day Job

Req ID: RIV01293