Cyber Defense Analyst 3

Annapolis Junction, USA. Posted 2 days ago.
Full-time, onsite

Job Description

The Swift Group is a privately held, mission-driven and employee-focused services and solutions company headquartered in Reston, VA. Our capabilities include Software Development, Engineering & IT, Data Science, Cyber Enablement, Logistics, and Training. Founded in 2019, Swift supports Civilian, Defense, and Intelligence Community customers across the country and around the globe.

We are looking for a Cyber Defense Analyst 3 to join a growing team in Annapolis Junction, MD.

Responsibilities:
  • Use cyber defense tools to monitor, detect, analyze, categorize, and perform initial triage of anomalous activity.
  • Generate cybersecurity cases (including the event's history, status, and potential impact for further action) and route them as appropriate.
  • Perform advanced manual analysis to hunt for previously unidentified threats.
  • Identify cyber-attack phases based on knowledge of common attack vectors and of network layers, models, and protocols.
  • Apply techniques for detecting host- and network-based intrusions.
  • Analyze malicious activity to determine the weaknesses exploited, the exploitation methods used, and the effects on systems and information.
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Possess deep knowledge of Active Directory abuse used by attackers for lateral movement and persistence.
  • Perform after-action reviews of team products to ensure completion of analysis.
  • Lead and mentor team members as a technical expert.

Requirements:
  • Eight (8) years of demonstrated experience as a CDA in programs and contracts of similar scope, type, and complexity.
  • A technical bachelor's degree from an accredited college or university may be substituted for two (2) years of CDA experience.
  • Two (2) years of demonstrated and practical experience in TCP/IP fundamentals.
  • Two (2) years of demonstrated experience with tcpdump or Wireshark.
  • Three (3) years of demonstrated experience using security information and event management suites (such as Splunk, ArcSight, Kibana, LogRhythm).
  • Three (3) years of demonstrated experience using network analysis and threat analysis software.
  • CSSP Analyst baseline certification (e.g., CEH, CySA+, CFR, etc.).
  • IAT Level I or II certification.
  • Computing Environment (CE) certification for supported systems.
  • Global Information Assurance Certification (GIAC) OR GIAC Certified Incident Handler (GCIH).
  • US citizenship and an active TS/SCI with Polygraph security clearance required.