Job Description
Defensive Cyber Operations Junior Analyst
An East Tennessee Research and Development facility with the Department of Energy seeks to hire a Junior Cyber Security Analyst to immediately support their Defensive Cyber Operations (DCO) team. This position’s primary responsibility is to conduct event triage in a tiered operational security model while training in and supporting threat hunting and threat intelligence tasks.
Responsibilities:
- Support the DCO environment in identification and analysis of threats in Security Incident and Event Management (SIEM) alerts, dashboards, and queries
- Resolve or escalate alerts / events / incidents as defined in DCO service level agreements according to level of severity
- Help develop advanced queries and alerts to detect adversary actions and compile detailed investigation and analysis reports for internal DCO consumption, and for delivery to management
- Work with the Emerging Threat team to capture intelligence on threat actor tactics, techniques, and procedures (TTPs) and leverage automated and manual countermeasures in response
- Work with the Threat Hunting team to perform hypothesis-driven hunts of the network for undetected threats
- Field customer requests for support ranging from potential phishing events to abnormal system activity
- Triage reports from DOE entities, CISA, and external penetration testers, and coordinate resolution with system administrators in keeping with BOD 18-01, 19-02, and 22-01 requirements
- Analyze suspicious links and attachments in a secure malware analytics platform as part of a comprehensive phishing analysis procedure
- Triage malware and anomalous activity alerts generated by an EDR system
Requirements:
- Bachelor’s degree in Computer Science or related field with 1-2 years of cyber operations work experience or an equivalent amount of education and experience
- Experience with ServiceNow, JIRA ServiceDesk, or other ticketing system
- Relevant certifications (GSEC, Security+, CEH, etc.) preferred
- The position requires eligibility to obtain a DOE security clearance. Candidates with an Active Q Clearance or Top-Secret Clearance are a plus