Sr. Computer Emergency Response Team (CERT) Analyst - NCCIC
About the Job
The Senior CERT Analyst position is assigned to the Multi-State Information Sharing and Analysis Center (MS-ISAC) team at CIS, and will also support the Elections Infrastructure-ISAC (EI-ISAC). The primary purpose of this position is to work as a member of the MS-ISAC CERT to help respond to cyber incidents impacting State, Local, Tribal and Territorial governments. This position will be located in the Department of Homeland Security’s (DHS) National Cyber Security and Communications Integration Center (NCCIC) in Arlington, VA. This position will work as the lead for incident handling while working hand-in-hand with the DHS Hunt and Incident Response Team (HIRT) to provide visibility into incidents reported to the MS-ISAC, as well as help with victim notifications and other duties as assigned. Reporting to the MS-ISAC Senior Liaison to the NCCIC, the Senior CERT Analyst will partner with other cybersecurity team members to promote the CIS mission and help continue our growth.
Here’s a Snapshot of your Tasks and Responsibilities
- Perform as an on-site liaison between NCCIC HIRT and the ISAC CERT and Security Operations Center in Albany, NY.
- Report and share information with NCCIC components related to significant cyber incidents
- Triage and correlate cyber security incidents, providing technical assistance as necessary
- Perform analysis to protect and secure sensitive information and systems
- Provide updates to the HIRT Incident Managers and/or leadership as to the cyber security posture of the State, Local, Tribal and Territorial sector
- Assist with Incident Response, Malware Analysis and Computer Forensics services to State, Local, Tribal and Territorial governments
- Perform forensics analysis on compromised systems to identify the extent and nature of the compromise and provide recommendations on remediation steps
- Assist with the analysis of previously undisclosed software and hardware vulnerabilities
- Provide MS-ISAC overview and technical capabilities briefings to internal and external NCCIC stakeholders as they relate to incident response
- Interface directly with the NCCIC during cyber incidents of national significance
- Brief senior government and impacted SLTT leadership regarding the threat landscape
- May be required to work alternate shifts and/or weekends with potential for travel
- Other duties as assigned
What are we looking for in you?
- Must currently hold US Security Clearance (Top Secret/SCI)
- Bachelor's degree in Computer/Information Science or a related field
- 4+ years’ experience in a cybersecurity operations environment
- Knowledge of configuring and implementing technical security solutions (firewalls and intrusion detection systems)
- Knowledge of TCP/IP protocols and analysis
- Knowledge of IT security principles and standards
- Experience in responding to IT vulnerabilities and threats
- Knowledge of the Intelligence Community and proper handling of classified material
*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.
- 1+ years of experience in Malware Analysis and Forensics
- Experience with scripting languages such as Bash, Perl, or Python
- Familiarity with various log types (e.g. Windows Event, Web server, Firewall logs, etc.)
- Experience with *nix distributions, such as Fedora, CentOS, and Debian, at the command line level
- Working knowledge of forensic methodologies and related tools (e.g. FTK, EnCase, and SANS SIFT)
- Certifications in related areas (e.g. GCFE, GCIH, GREM, CCFE, CFCE, etc.)
- Drive innovation by analyzing and interpreting data to test and inform a new initiative or approach.
- Accountable for successful completion of multiple, individual projects simultaneously.
- Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
- Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate.
- Take responsibility for successes and failures related to individual and team-based project work assignments; actively present suggestions for solution(s) if objectives are not met.
The CIS Offer
- A culture that is engaging, fun and energetic
- An organization that supports Work/Life balance
- Competitive compensation
- Comprehensive benefits package including medical, dental, vision and life insurance
- 401K plan with company match
- Bonding and military leave
- Paid time off upon date of hire
- Tuition and certification reimbursement
- Relocation assistance
- On-site wellness programs
- Community involvement opportunities
- An environment that promotes growth and professional development including our award-winning training opportunities