CERT
search  


 
CERT Contact Information Meet CERT Employment Opportunities
 

Job #8679 - Cyber Security Analyst

SUMMARY

This position is with the CERT® Coordination Center (CERT/CC) at the Software Engineering Institute (SEI) of Carnegie Mellon University. You will support our work with the DoD-DIB Collaborative Information Sharing Environment (DCISE) program at DC3. The DCISE program is a new, innovative, collaborative program developed by the DoD to strengthen the capability of defense contractors to protect contractor networks containing DoD information.

Role: As a Computer Security Information Analyst, you will work closely with DCISE partners, technical analysts, and DoD agencies to strengthen the capability of defense contractors to protect contractor networks containing DoD information. Your primary responsibility will be to review, triage, and analyze incident reports submitted by DCISE partners and provide technical analysis feedback. This feedback may include remediation information, correlation with other known intruder activity, or indicators partners can use to look for similar activity on their network.

In addition, you will have an opportunity to explore new and innovative ways in which SEI's technical competencies and capabilities can be applied to current and future technical challenges faced by the DCISE program. This includes, but is not limited to areas such as malicious code, vulnerability, network traffic, and incident analysis.

Responsibilities:

  • Review, prioritize, and analyze incident reports from DCISE partners
  • Develop and distribute technical analysis and other feedback
  • Work closely with DCISE partners, technical analysts, and the DoD and other U.S. Government agencies
  • Explore new ways to leverage and apply SEI's expertise to protect the infrastructure of defense contractor and other critical infrastructure
  • Evaluate analytic needs of organization and work to continually improve the tools, processes, and systems used to support the DCISE program

ESSENTIAL FUNCTIONS

  1. Perform duties as a cyber intelligence technical fusion analyst, incident analyst and technical liaison between CERT and DC3. Review threat data from various sources, including appropriate Intelligence databases, and review incident reports from DIB partners to establish identity modus operandi, and credible threat picture of hackers active in DoD and defense industrial base networks. Correlate data into standardized reports. Develop cyber threat profiles. Produce cyber threat assessments based on entity threat analysis. Coordinate cyber threat tracking with partner and counterpart organizations. Recommend courses of action to DIB partners based on analysis of both general and specific threats, specifically advising DIB partners on steps to take to appropriately defend their networks, detect advanced persistent threat activity, and recover from compromises.. Deliver reports, briefings, and assessments to leadership, facilitating understanding of cyber threat entities and environments. Support information assurance and cyber threat mitigation decision-making.
  2. Working directly with SEI staff supporting the DIB program with incident, vulnerability, or malicious code analysis work.
  3. Developing knowledge and understanding of SEI capabilities; learning how SEI capabilities can be applied to customer problems.

MINIMUM QUALIFICATIONS

Education/Training: BS in Computer Science Information Science, Information Systems Management with eight (8) years applicable experience.

Licenses: N/A

Experience: Candidate should have strong technical, communication, and problem solving skills. Candidate should have advanced computer security incident handling and analysis in Windows and Unix/Linux environments and be able to demonstrate knowledge in the following areas:

  • core Internet protocols (e.g., IP, TCP, UDP, BGP, DNS, HTTP, SMTP)
  • common attack methodologies
  • common types of security vulnerabilities
  • basic computer security forensics
  • basic understanding of security vulnerabilities
  • administering and maintaining a small network
  • theoretical underpinnings of computer security
  • communicating complex technical issues to non-technical audiences
  • understanding and managing risk in large enterprise infrastructures
  • developing strategies to defend systems and networks from attacks

Skills/Abilities:Successful candidates will :

  • possess excellent analytical and technical problem-solving skills
  • have a strong interest in and possess basic knowledge of network and computer security issues
  • be able to make decisions independently and in a self-directed manner in support of the goals of the team and organization
  • be motivated to tackle challenging problems
  • have excellent organizational skills
  • be able to work meticulously with careful attention to detail
  • strong customer service skills
  • ability to work in a team environment with other team members with variety of skills
  • ability to work remotely at a customer site with minimal direct supervision
  • be able to communicate effectively within a team environment
  • be able to effectively prioritize work
  • be able to develop and explain technical decisions
  • recognize and deal appropriately with confidential and sensitive information
  • interact effectively with technical and non-technical audiences via both verbal and written communications (e.g., technical writing, user guide development, requirements analysis)
  • be able to quickly learn new procedures, techniques, and approaches

OTHER

Physical/Mobility:Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions: Normal office conditions; however close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.

Other: Candidate must be able to pass a background investigation, obtain a TS/SCI security clearance, be a US citizen, and work full-time at a customer site in the Baltimore/Washington, DC metro area. Candidate will be required to travel on overnight assignments.

Résumés from recruiting firms will not be accepted.
To apply please go to
Careers@CarnegieMellon
Carnegie Mellon is an Affirmative Action/Equal Opportunity Employer.

The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University.

CERT® and CERT Coordination Center® are registered in the U.S. Patent and Trademark Office.

This page was last updated Monday, 19-Mar-2012 14:23:37 EDT