Junior Cyber Security Analyst

Defensive Cyber Operations Junior Analyst

Research National Laboratory seeks to hire a Junior Cyber Security Analyst to immediately support their Defensive Cyber Operations (DCO) team. This position's primary responsibility is to conduct event triage in a tiered operational security model while training in and supporting vulnerability management and threat intelligence tasks.

Responsibilities:

• Support the DCO environment in identification and analysis of threats in Security Incident and Event Management (SIEM) alerts, dashboards, and queries
• Resolve or escalate alerts/events/incidents as defined in DCO service level agreements according to level of severity
• Help develop advanced queries and alerts to detect adversary actions and compile detailed investigation and analysis reports for internal DCO consumption, and for delivery to management
• Work with the Emerging Threat team to capture intelligence on threat actor tactics, techniques, and procedures (TTPs) and leverage automated and manual countermeasures in response
• Field customer requests for support ranging from potential phishing events to abnormal system activity
• Triage reports from DOE entities, CISA, and external penetration testers, and coordinate resolution with system administrators in keeping with BOD 18-01, 19-02, and 22-01 requirements
• Analyze suspicious links and attachments in a secure malware analytics platform as part of a comprehensive phishing analysis procedure
• Triage malware and anomalous activity alerts generated by an EDR system

Requirements:

• Bachelor's degree in Computer Science or related field with 1-2 years of cyber operations work experience or an equivalent amount of education and experience
• Experience with ServiceNow, JIRA ServiceDesk, or other ticketing system
• Relevant certifications (GSEC, Security+, CEH, etc) preferred
• The position requires eligibility to obtain a DOE security clearance. Candidates with an Active Q Clearance or Top-Secret Clearance are a plus