Fusion Support Analyst (Job Number: 409983)
SAIC currently has a contingency position for a Fusion Support Analyst to support the United States Cyber Command (USCYBERCOM) at Fort Meade, Maryland.
Fusion is the collaboration, correlation, and analysis of cyberspace incident reports derived from reliable sources, network sensors, vulnerability management devices, open source information, and DoD component provided situational awareness of known adversary activities.
Threat detection analysis and coordination provides monitoring, correlation, and prevention of cyber threat activity targeting the DODIN. This task requires technical knowledge on the utilization of government and industry capabilities, best security practices, advanced log analysis, forensics, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, and anti-virus capabilities. Additionally, this task requires technical knowledge of forensics analysis to determine adversary methods of exploiting information system security controls, the use of malicious logic, and the lifecycle of network threats and attack vectors.
Daily activities include:
- Analyze the details of Named Areas of Interest (NAI) and advanced persistent threats that impact the DODIN; track, correlate, harvest, trend, and report on the unique TTPs utilized
- Conduct incident handling/triage, network analysis and threat detection, trend analysis, metric development, and security vulnerability information dissemination
- Configure, maintain, and utilize USCYBERCOM and CC/S/A/FA capabilities in order to detect, monitor, track, and analyze malicious activity targeting the DODIN
- Consume, review, correlate, and report on high priority DoD, Intelligence, and U.S. Government operational reporting of threats and vulnerabilities to correlate similar incidents/events, malicious tradecraft, TTPs of malicious activity, and indicators utilized to impact or target the DODIN
- Develop consolidated notifications and updates to the USCYBERCOM JOC on threat and vulnerability activity
- Develop, obtain government approval of, and release situational awareness reports/products, operational directives/orders/messages, and quarterly threat analysis reports/metrics
- Review, analyze, and maintain the content of a DoD indicator database to aid in the detection and mitigation of threat activity
- Update DoD shared situational awareness mechanisms, including USCYBERCOM websites, Wikipedia style solutions, and collaboration/chat mechanisms
- Develop and present cyber threat briefings, presentations, and papers to USCYBERCOM leadership to ensure situational awareness and status are conveyed related to the assigned project areas
- Operate as the DoD community leader for the discovery of threat activity and associated indicators
- Determine sophistication, priority, and threat level of identified malware and intrusion related TTPs
- Develop metrics and trending/analysis reports of malicious activity used to compromise the DODIN
- Develop, staff, and release analysis findings in technical analysis reports to DoD Community
- Manage a DoD prioritization process to identify priority threats and vulnerabilities that impact the DODIN
- Develop signatures for use within DoD threat detection capabilities to detect potentially malicious activity on the DODIN
- Coordinate with USCYBERCOM partner organizations to receive, distribute, and conduct analysis on vulnerability and threat information that impacts the DODIN and the Defense Industrial Base (DIB)
- Assess vulnerability of DODIN operations in support of defensive cyber operations
- Draft and propose USCYBERCOM guidance, directives and products
- Maintain situational awareness of Intrusion Problem Sets, including NAI for collaboration with the DoD cyber analysts and cyberspace partners
- Develop, review, and report on defensive cyber operations and cybersecurity products
- Develop, review, and comment on incident handling procedures and reporting
- Coordinate analysis projects related to Intrusion Sets and NAI compromises
- Assist in developing processes and procedures designed to facilitate increased awareness, intelligence, and technical data fusion support
- Provide recommended improvements on Cybersecurity posture through technical research and analysis
- Provide technical research and analysis of computer forensic evidence
- Provide recommendations to aid USCYBERCOM in assessment reporting and mitigation strategies
- Analyze Cybersecurity/Defensive Cyber Operation activities on Government systems and make recommendations for actions to protect the DODIN
- Evaluate operational information, intelligence information, assessments and reports, Computer Emergency Response Team (CERT), LE/Counter Intelligence (CI), allied/coalition, and open-source information to assess potential impacts on the DODIN
- Develop and propose processes and procedures designed to facilitate all-source intelligence analysis of the foreign threat picture.
- Minimum five (5) years of experience with cybersecurity or information assurance.
- Creation and dissemination of orders and directives to provide guidance to the DoD community.
- Staff experience researching and writing white papers, compliance reports and assessment reports in support of activities for defining policy.
- Ability to develop briefing materials, administrative, and logistics support.
- Excellent writing skills and ability to communicate effectively, including public speaking, and briefing senior officers.
- Proficiency in the use of Microsoft Office Suite.
- Vulnerability Management
- Nessus Vulnerability Scanner
- DIACAP Experience
- Microsoft Server or Red Hat Linux Enterprise Server
- Bachelor's Degree or higher from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline
- Master's Degree may be substituted for two (2) years of relevant experience
- DoD 8570 Level II Information Assurance Certification is required
TRAVEL AND SECURITY: CONUS/OCONUS; TS/SCI with Polygraph
SAIC Overview: SAIC is a leading provider of technical, engineering and enterprise information technology services to the U.S. government. Our 13,000 employees deliver systems engineering and information technology offerings for large, complex government programs, as well as a broad range of higher-end, differentiated technology services. The company is headquartered in McLean, Va. For more information, visit www.saic.com.
EOE AA M/F/Vet/Disability
Job Posting: Apr 10, 2015, 11:56:32 AM
Primary Location: United States-MD-FORT GEORGE G MEADE
Clearance Level Must Currently Possess: Top Secret/SCI with Polygraph
Clearance Level Must Be Able to Obtain: None
Potential for Teleworking: No
Shift: Day Job