Washington, DC

Cyber Security Analyst with Security Clearance

Responsibilities:
Provide guidance, consultation, research and technical information on capabilities, connections, limitations, and risks in a cloud environment
Provide technology expertise and knowledge of cloud data management strategies to support multithreaded applications
Recommend improvements and changes to security posture, capability deployment, focus areas for threats and vulnerabilities
Automate security controls, data and processes where applicable, to provide improved metrics and operational support
Identify, design and deploy solutions to secure cloud usage, using cloud-native or commercial-off-the-shelf (COTS) solutions
Analyze and define data requirements and specifications for log ingestion from various cloud data sources
Evaluate the performance of ongoing security maintenance in CG Cloud environments; assess the ability of the service provider to maintain an acceptable security posture on a monthly basis
Assist with investigation of security incidents in all USCG cloud service offerings; recommend and implement solutions to remediate or mitigate
Coordinate with Coast Guard leadership regarding cloud-specific anomalous events and incidents; articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan
Understand system and application security threats and vulnerabilities to include buffer overflow, SQL injection, race conditions, covert channel, replay and return-oriented attacks, malicious code, and malicious scripting
Understand the foundations of a hardened Windows network and which native services and protocols are subject to abuse (such as RDP, Kerberos, NTLM, WMI, and SMB)
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
Requirements:
Bachelor's degree desired, but not required
At least 5 years of experience in cyber security and/or cyber defense, and at least 2 years of experience maintaining or managing cloud environments (such as Microsoft Azure or Amazon Web Services (AWS)), using tools like Microsoft Sentinel
Experience in Amazon Web Service Government Cloud or Microsoft Azure Government Cloud
Advanced knowledge and experience with the Amazon cloud platform AWS, to include core AWS resources such as VPC, EC2, S3, etc., as well as advanced resources such as Lambda and CloudFront
Advanced knowledge and complete familiarity with cloud security concepts, technologies, and best practices
Strong technical knowledge of secure application deployment in cloud environments (SaaS, IaaS, PaaS)
Proficiency with applying an Incident Response process to cloud environments (cloud, on-premises, and hybrid)
Significant proficiency and knowledge of cybersecurity and analysis tools, tactics, techniques, frameworks, and procedures that support identification and analysis of cyber events and incidents
Advanced knowledge of Enterprise Windows Services and their security configuration
Experience with Microsoft Azure and associated security features such as Sentinel and Azure Security Center; knowledge of or experience with developing Azure playbooks
Active AWS Cloud Practitioner Certification and/or Azure Fundamentals Certification
Active TS/SCI security clearance with a CI polygraph, or the ability to obtain and maintain a CI polygraph
As a contingency to employment at NetCentrics, all candidates who are given offers must successfully pass a background investigation including criminal history and reference checks
Desired qualifications/skill set:
Active DoD 8570 CSSP Analyst baseline certification
Preferred cloud certifications: Azure SC-200, AZ-500; AWS Security certification

Recommended Skills

  • Amazon Cloudfront
  • Amazon Elastic Compute Cloud
  • Amazon S3
  • Amazon Virtual Private Cloud (VPC)
  • Amazon Web Services
  • Application Security