Full Job Description
Business Group Highlights
The Intelligence group provides high-end systems engineering and integration products and services, data analytics and software development to national and military intelligence customers. Serving federal agencies and the Intelligence Community for more than 50 years, the Intelligence group helps our clients meet their mission needs by providing trusted advisors, leading-edge technologies, and innovative solutions.
The Customer is seeking an experienced Cyber Security Analyst (CSA) to conduct technical investigations supporting the design, engineering, implementation, and maintenance of various enabling technologies for mission systems/networks, and applications for technology and cyber-related investigations. The CSA fulfilling this role is responsible for analyzing both enterprise-level and operational-level technologies to minimize technical risks. S/he will investigate, analyze, and provide in-depth technical synopses of Customer and various external customer projects and technical initiatives from all disciplines. S/he will assist with investigative efforts supporting digital forensic examination and analysis, conducting in-depth and security-focused system architecture and network infrastructure review, and network traffic analysis, and assessing data pertaining to network intrusions and/or cyber-related attacks on Customer's equities. The following experiences are pre-requisites to meeting the mandatory requirements. The CSA will be required to work independently with minimal supervision and will work directly with mission partners. Some local travel is required for this position. Activities performed in this capacity include but are not restricted to:
Provide recommendations for end-to-end technical analysis
Work with mission partners and other contractors to fully understand the technical solutions under investigation and the mission environment and challenges in which they operate
Document and brief the current network architecture and infrastructure and use knowledge gained to identify security risks that may lead to compromise of the mission partner's network infrastructure and operations, and make recommendations to improve the security posture
Relate these security findings within an end-to-end technical assessment highlighting where security risks and mitigation strategies are required
Identify potential security risks and technical vulnerabilities of systems/networks and recommend mitigations to the Customer and its mission partners
Conduct network or networking technology security assessments as well as security assessments of network and systems topologies
Conduct in-depth system architecture and end-to-end network infrastructure review
Analyze IP network topologies for security, technical and operational vulnerabilities and security risks
Conduct analysis of IP networks within the mission partner's system architecture to assess enterprise/operational vulnerabilities and document technical security risk and risk mitigation strategies
Perform network infrastructure assessments with respect to security risks, with an eye on system topologies and known vulnerabilities
Examine networks to identify any aggregation points that could lead to an adversary attributing and linking business operations and/or operational activities to the Customer's corporate office
Conduct technical security assessments of the networks used to transport data from the outside to/from the Customer's corporate office
Examine the networks' design and security features to identify risks and offer
Determine technical security risks associated with using commercial software applications and Software as a Service on the Customer's infrastructure
Review audit logs, configurations of IP-based network equipment such as routers, switches, firewalls, Intrusion Detection & Prevention System (IDS/IPS), One Way Transfer (OWT) and Internet of Things (IoT) appliances for security policy and deployment guideline compliance, operating system and security patch updates, configuration baseline
Review current configurations for all IP-based network infrastructure devices against current policies and guidelines to determine if they meet the criteria laid out in those governance documents. Ensure operating systems and software have the most recent security patches applied and meet the configuration baseline
Determine as-is design against the configuration required by customer policies and controls
Use network security software tools to identify vulnerabilities on devices and networking equipment
Perform digital forensics on these systems to identify any vulnerabilities that could be leveraged by an adversary to exploit the systems/networks
Document security findings in a formal security risk assessment report
These technical security assessments are produced and briefed to the key stakeholders and Approval Boards to allow them to make informed decisions on the systems/networks.
Support external customer projects by providing network engineering and cyber security analytic expertise and guidance to ensure the projects comply with Customer policy and regulation
Support efforts of the Customer's mission partner(s) to properly configure their network systems to comply with prescribed cyber policies and regulations, so those systems would be approved for connectivity to the Customer's base-end
Participate throughout the development of the system, attend Review Board(s), and provide security guidance to mitigate security concerns throughout the system's
Provide technical security recommendations to architecture and design reviews to enhance security posture
Document all security findings in a formal briefing which will document the current architectural design and highlight those areas which require immediate improvements to safeguard the integrity of the infrastructure
Capture areas which should be addressed in the near future, as well as note items of caution, to ensure vulnerabilities continue to be reduced across the architecture
Provide insight into latest threats and countermeasures
Leverage organization-specific knowledge to ensure most recently uncovered risks to both software and hardware vulnerabilities are documented for the Customer and its mission partners, along with mitigation approaches and strategies
Evaluate network operations using network management platforms, auditing functions, and log reviews
Work with a variety of tools to allow for the monitoring and audit of all activity within the enterprise/operational network
Provide assistance in reviewing audit results and highlight all areas of concern with respect to security management, unusual usage, failed log attempt and other anomalies which can indicate insider threat issues
Examine audit logs and use tool(s) to discover network anomalies on the network(s)
Review procurement processes of hardware, software and services to comply with Customer needs
Understand the acquisition work flow and review the contents of requested enterprise hardware and software to ensure those resources comply with the Customer's approved list and that the integration of these items will not present operational risks to the enterprise and operational environment
Research the provenance of equipment and network services by using open source and leveraging organization-specific knowledge to ensure that Customer's equities across multiple offices are protected and there is no affiliation between the systems and the Customer's organization
Attend Working Groups and customer/mission partner meetings
Attend all relevant meetings and Working Groups and provide subject matter expert level artifacts and discussion as required.
Capture key points and integrate our understanding of the mission partners' focus areas and concerns into our approach to maintain security posture within the
Brief Approval Board(s), Technical Review Board(s), and provide security guidance to Customer's mission partners
Identify possible technical and/or security problems and provide documented responses
Support technical requirements management
Perform complex problem management research and issue resolution
Assist with day-to-day complex system administration (Windows and Linux) tasks as necessary
Provide IT operations process improvement recommendations and implementation
Assist with automation of administrative tasks through scripting
Function as an inter/intra-group liaison as projects require
Bachelor's degree in Network Security/Engineering, Information Assurance, Computer Engineering, Electrical Engineering, Computer Science, or a scientific or technical discipline with a minimum of 10 years' work experience.
Extensive knowledge and demonstrated experience with enterprise-scalable wireless mobility solutions, multi-factor authentication products, and wireless intrusion detection systems.
Extensive knowledge and demonstrated experience in cloud-based computing environments, supporting and administering cloud products & services.
Demonstrated experience with networking concepts (TCP/IP, HTTP, HTTPS, FTP, RPC, SNMP, DNS, etc.) and proficiency with network traffic analysis tools
Demonstrated hands-on experience setting up, configuring, and troubleshooting network services, equipment and devices, such as switches, routers, servers, firewalls,
Demonstrated experience analyzing and solving technical security concerns and recommending countermeasure guidance to improve security posture.
Demonstrated experience analyzing, identifying and providing software and hardware forensic examination support based on submitted
Demonstrated experience working and interacting with other engineering groups to define, document, analyze, perform and interpret tests for products, systems or
Demonstrated ability to apply critical thinking and use investigative mindset to conduct technical security review/evaluation/assessment of technology
Demonstrated ability to present findings and/or recommendations in written reports that are concise, well-structured and require minimal
Ability to translate highly technical and complex issues into terms comprehensible to nontechnical decision
Knowledge and experience with security considerations in operations and/or Customer's programs.
Knowledge and experience conducting security/technical assessment on Customer's corporate and operational infrastructure
Knowledge and experience on a broad range of wireless/mobility and network technologies used within the Customer's corporate enterprise and operational network infrastructures and the Customer's mobility programs and services
Experience supporting and administering Commercial Cloud Services (C2S) involving platform technology such as AWS,
Support efforts to ensure Customer's corporate networked systems and related IT architecture are appropriately aligned with established security measures and safeguards; assist with the formation of policy regarding the security requirements for such systems; and make appropriate recommendations to the Customer, mission partners and
Ensure compliance with security policies and procedures through the review of documentation, hardware drawings/configurations and proposals
Review and provide information security guidance of requirements for Customer's IT-based products, systems, and network infrastructures, planned communication platforms/connectivity, pending enterprise and operational infrastructure design and/or proposed design. This includes the review of LAN upgrade/expansion documentation, secure communication packages, video teleconferencing equipment proposals, collaboration tools, etc.
Represent Customer's equities related IT specific boards, control gates and/or working groups to ensure security measures and safeguards are being
Advanced engineering degree (Network Security/Engineering, RF/Wireless Engineering, Computer Engineering, Electrical Engineering, Computer Science, or a scientific or technical discipline)
Hands-on experience in network evaluation and analysis, penetration testing and analysis, digital forensic evaluation analysis to include mobile device forensic (examining/imaging) analysis using commercial solutions such as EnCase, FTK, XRY, Cellebrite, MacQuisition, and Wireshark applications
General understanding of Customer's current IT business processes and procedures
Experience supporting the Customer's IT enterprise and operational requirements
What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sector—from investigative services and IT strategy to systems work and next-generation engineering.
Our promise is simple: never stop solving our nation’s most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to do just that, as a partner of choice across the entire sector.
Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories.
As a government contractor, Perspecta abides by the following provision
Pay Transparency Nondiscrimination Provision
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c).