NANA Cyber Security Analyst - Incident Response - TS/SCI required in San Antonio, Texas
Cyber Security Analyst - Incident Response - TS/SCI required
RiverTech, an Akima Company, delivers mission support services in the areas of engineering, communications, training, operations and maintenance, intelligence, aviation, logistics, and space systems that protect and defend sea, land, air and space operations and their personnel. Providing the talent, tools, and technologies to ensure exceptional performance in today’s most demanding and strategically critical global environments. This is RiverTech. Our personnel enjoy competitive benefits packages and challenging roles in work environments committed to innovation, diversity and opportunity for career growth. As an Alaska Native Corporation (ANC), 100% of our company’s profits go back to our 14,300 Iñupiat shareholders that have resided near and above the Arctic Circle for more than 10,000 years. Our business helps support their way of life and contributes to the survival of a culture that has thrived in a challenging environment.
The ability of the 33 NWS to complete its mission is dependent upon accurate, timely and thorough conduct of network traffic analysis and log analysis to evaluate intruder activities utilizing host and network‐based monitoring and system logs. Correlate information gathered to provide the 33 NWS effective methods to protect AF networks and associated domains and enclaves related to the 33 NWS ACD weapon system for mission execution.
The candidate will utilize a wide range of security tools, dashboards, including advanced threat detection, SIEM technology, web‐filtering, and other related tools. Comply with 3rd party MOU/MOA monitoring and reporting requirements. Determine probability of exploitation of discovered network vulnerabilities. Ensure appropriate notification and action are taken to reduce and mitigate risk to all AF networks, domains and enclaves. Upon identification of suspicious activity on AF networks, open network intrusion investigation(s) to validate the unauthorized activity and determine the type and extent of activity.
Provide OJT to other contractors, military, and/or civilian personnel, and maintain continuity folders/working aids in order to ensure efficient transition when personnel rotate.
Create and document metrics for reporting and analysis to improve weapon system processes and mission execution.
Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.
5 years extensive knowledge of network firewalls, computer and server log analysis, computer network servers (DNS, proxy, e‐mail, domain controller, file server, Active Directory) and analysis of their logs; extensive knowledge of digital evidence collection, handling and security; experience with computer incident response and analysis and report dissemination; extensive knowledge and experience with network packet capture and analysis software such as WireShark (Ethereal) and Snort; experience with standard DoD network topology and DMZ boundary protection; experience with system analysis software (i.e. EnCase/EnCase Enterprise or FTK), software coding and debugging, and the virtual machine (VM) environment. Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects)
The duties and responsibilities listed in this job description generally cover the nature and level of work being performed by individuals assigned to this position. This is not intended to be a complete list of all duties, responsibilities, and skills required. Subject to the terms of an applicable collective bargaining agreement, the company management reserves the right to modify, add, or remove duties and to assign other duties as may be necessary. We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.
We are an equal opportunity employer. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law.
We are committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you have a physical and/or mental disability and are interested in applying for employment and need special accommodations to use our website to apply for a position please contact, Recruiting Services at email@example.com or 571-353-7053. Reasonable accommodation requests are considered on a case-by-case basis.
The dedicated email and telephonic options above are reserved only for individuals with disabilities needing accessibility assistance to apply to an open position using our website.
Please do not use the dedicated email or phone number above to inquire on the status of your job application.
In order for our company to stay compliant with government regulations, please apply on line. Please DO NOT email resumes or call in lieu of applying online unless you have a physical and/or mental disability and need assistance with the online application.
Job: Information Technology
Primary Location: US-TX-San Antonio
Shift: Day Job
Req ID: RIV01296