Careers

Job Board

Thank you for your interest in joining our team.

DATABASE AND WEB SCANNING ENGINEER #ID002

JOB TITLE
DATABASE AND WEB SCANNING ENGINEER #ID002

LABOR CATEGORY
Mid-Level IT Analyst

LOCATION
Rosslyn, VA

ANNUAL SALARY
74,000

SECURITY CLEARANCE
Interim Secret Required

YEARS OF EXPERIENCE
3-5

EDUCATION
Bachelor’s Degree

 

DUTIES

Project Overview:

  • Configure and maintain database scanners to perform identification and assessment of database and database systems. Provide subject matter expertise relating to database scanning, database vulnerabilities, and remediation activity. Review security controls as relating to department database systems.
  • Use web and database scanners to perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of the enterprise security posture. Support full life-cycle vulnerability and configuration management. Communicate recommendations to the responsible parties, track remediations, and verify security patches and required configurations. Scan the entire enterprise, to include DMZs and physically separate networks
  • Develop and maintain policy and SOP updates
  • Analyze available security information including results of configuration compliance verification, vulnerability assessment, database assessments, security and system patch information, field reports, OIG reports, and intelligence information to assess the status of remote organization’s cyber security posture
  • Operate, maintain and configure the vulnerability assessment, database assessment, website assessment, and configuration compliance verification tools; apply regular updates from the vendor; provide operation, troubleshooting, training and helpdesk support
  • Develop configuration benchmarks and vulnerability checks based on established configuration standards and CVEs (Common Vulnerabilities and Exposures) using the Security Content Automation Protocol (SCAP)
  • Perform liaison activities with other bureaus and offices
  • Support incident response, threat analysis, forensics and penetration testing teams by performing on-demand and targeted vulnerability scans
  • Interface with vendor support teams to keep abreast of developments in product lines.
  • Evaluate, test, and configure security products.

 

Daily Responsibilities:

  • Use web and database scanners to perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of the enterprise security posture.
  • Support full life-cycle vulnerability and configuration management – Communicate recommendations to the responsible parties, track remediations, and verify security patches and required configurations. Scan the entire enterprise, to include DMZs
  • Analyze available security information including results of configuration compliance verification, vulnerability assessment, database assessments, security and system patch information, field reports, OIG reports, and intelligence information to assess the status of the organization’s cyber security posture
  • Ensure data flows are maintained between internal tools and the enterprise-wide reporting dashboard
  • Provide operational and maintenance support to database and web scanning toolset
  • Provide input into tactical scanning operations to support office strategic goals

 

QUALIFICATIONS

This position supports enterprise-wide database and website vulnerability and compliance scanning for the Department of State global information systems. In addition to technical skills, the candidate must possess excellent written and oral communication skills. A demonstrated ability to work with diverse groups of people is required. Experience with the current toolset, Rapid7 Nexpose, is strongly desired.

 

Required Qualifications:

  • Experience with web languages (.Net, Ruby on Rails, etc.) and/or database structures (Oracle, MS SQL)
  • Knowledge of database structure, vulnerabilities and remediation strategies
  • Knowledge of common cybersecurity standards – NIST, CVE, NIAP CCEVS, OWASP
  • Effective written and verbal communication skills
  • Persistent and polite follow-up with clients in order to maintain project schedule
  • Problem solving and attention to detail

 

Desired Qualifications (preferred but not required):

  • CISSP
  • Certified Ethical Hacker
  • Security+ and/or Network+

 

CYBER SECURITY MALWARE ANALYST #ID003

JOB TITLE
CYBER SECURITY MALWARE ANALYST #ID003

LOCATION
Beltsville, MD

SECURITY CLEARANCE
Secret Required

YEARS OF EXPERIENCE
2-4

EDUCATION
Bachelor’s Degree (preferred) or equivalent education and work experience.

CERTIFICATIONS
Preferred but not absolutely required:

  • Security+
  • CISSP
  • SANS GREM
  • SANS GCIH and/or GCIA
  • Certified Ethical Hacker (CEH)
  • Basic knowledge of Java, C, and/or C++

 

DUTIES
This is a Mid-level Security Analyst position focused on malware analysis, network monitoring, and ticket support. Additionally, this position is involved with the evaluation and operational support of malware and analysis tools, processes and products.

 

Daily duties:

  • Conduct dynamic malware analysis
  • Recommend remediation steps for computer security events and incidents
  • Identify and recommend process creation and improvements
  • Support malware analysis systems and tools
  • Support and mentor analysts on new techniques and information sources
  • Support ongoing incidents from non-CIRT organizations related to computer security when requested
  • Shift work

 

QUALIFICATIONS
Knowledge of the following security tools and concepts:

  • Understanding of Static and Dynamic Malware analysis tools and techniques
  • Knowledge of computer networking
  • Packet analysis tools (such as Wireshark) and techniques
  • Enhanced event monitoring and analysis tools (log aggregators and event correlation)
  • Intrusion Detection System (IDS) software and hardware
  • SSIM tools and techniques
  • Ticket creation and updates
  • Ability to work shift work – Monday through Friday 2pm – 10:30pm
  • Strong communication skills

MID-LEVEL POLICY ANALYST #ID004

JOB TITLE
MID-LEVEL POLICY ANALYST #ID004

LOCATION
Arlington, VA

ANNUAL SALARY
81,000

 

OVERVIEW
The position supports the Department of State, Diplomatic Security, Directorate of Cyber and Technology Security. The Policy and Standards Program is responsible for developing, promulgating, and maintaining Department cybersecurity policies and standards; developing and providing guidance on the Overseas Security Policy Board (OSPB) information systems security policy and standards; and providing guidance on existing policies and standards for the Department. The Program is also responsible for Department representation and coordination of National level policies and guidance. The Program handles exception requests for standards and policies within the Directorate of Cyber and Technology Security’s scope of authority. Additionally, the program responds to user questions and inquiries about policy received via cables, memos, emails and phone calls.

 

RESPONSIBILITIES

  • Research, recommend, develop, maintain, and update domestic and overseas cybersecurity policies, to include use of new and emerging technology (e.g. WiFi, cloud, mobile devices), software, hardware, and other IT-related systems (e.g. VoIP, Building Automation Systems).
  • Examine incoming requests for exceptions to policy and draft recommended decision memorandum to include requisite mitigation strategies
  • Coordinate clearances of all draft cybersecurity policies and memorandum with DoS stakeholders
  • Participate in intra-agency policy working groups (e.g. WiFi) and provide cybersecurity policy subject matter expertise
  • Provide support for the review and coordination for National level classified and unclassified cyber and communications security policies and guidelines
  • Respond to cables, memos, emails and phone inquiries regarding security policies and standards
  • Help maintain the contents of the Frequently Asked Questions (FAQ) web page and web portal website
  • Maintain databases for tracking incoming and outgoing policy documents, policy inquiries, exception requests
  • Provide status reports as required. Prepare contract deliverables to include Trend Analysis reports, Quarterly Status Report, etc.

 

POSITION DESCRIPTION (HRTMS) – BASIC QUALIFICATIONS

  • Bachelor’s degree in IT or related field with 3+ years of work experience or MA in the same fields combined with 1+ year of work experience
  • Experience in researching, developing, writing, and editing cybersecurity policies, best practices, standards, processes and procedures
  • Experience in research and analysis of information system issues and trends, and research and development in a technical discipline/field
  • Excellent written and verbal communication skills; strong organizational skills; research, analysis, and writing skills
  • Strong customer service and interpersonal skills to effectively relate to agency and customer needs; ability to build working relationships with leaders and key stakeholders
  • Proficiency with Microsoft Office
  • Some experience with the creation of IT security requirements, technical security safeguards, countermeasures, risk management, contingency planning, and data communications networking
  • Ability to work independently and as part of a team; ability to take initiative with minimal direction and to solve problems
  • Knowledge of, and experience with, current Federal security standards (e.g., FISMA/NIST, DOD, and CNSS)
  • Familiarity with the Department of State’s mission and work with global policies are preferred
  • CISSP is preferred

CYBER INVESTIGATIONS ANALYST #ID005

JOB TITLE
CYBER INVESTIGATIONS ANALYST #ID005

LABOR CATEGORY
Mid-Level Engineer/Analyst

ANNUAL SALARY
81,000

 

OVERVIEW
We are looking for someone who is capable of performing in-depth analysis of open source and classified reporting to identify potential and actual cyber threats to the Department and continually liaise with law enforcement and intelligence entities, foreign partners, and others, to exchange and share information.

 

DUTIES

  • Examines and prioritizes events using existing tools to correlate data for the purpose of reducing false positives.
  • Performs threat assessments that combine intelligence information with security events data resulting in insightful analysis and description of threats.
  • Conducts cyber threat assessments of foreign countries, hacker groups, and other entities with capabilities that could pose potential harm to the Department’s networks.
  • Builds written products generally ranging from 1-10 pages, often on short suspense deadlines.
  • Creates and produces oral briefings for a wide variety of officials on threat intelligence findings and security best practices.

 

QUALIFICATIONS

Required Qualifications:

  • Knowledge of various cyber threats and commonly used tactics, techniques, and procedures.
  • Experience using open and closed data sources to identify and extract indicators of compromise.
  • Experience with the technical capabilities and limitations of the Internet and online technologies, including social networking sites, blogs, and microblogs, Internet mapping tools, Passive DNS tools, VirusTotal.
  • Experience with computer network protocols and operations and conducting open-source research.
  • Knowledge of general global political and security issues and regional and overseas expertise.
  • At least 1 year experience with Splunk.
  • Experience with targeting or analysis in the intelligence community or computer network defense community.
  • Ability to write concise analytical products and assessments.
  • Ability to operate in a fast-paced and demanding work environment with tight deadlines.
  • BA or BS degree in Cyber Security, Information Systems, International Security Studies, Political Science, or Business Administration with a focus on IT Administration.

 

Desired Qualifications:

  • Experience with computer programming languages, including PHP, Python, SQL, C++, Perl, Java, or other associated languages.
  • Experience with leading analysis and reviewing peer products.
  • Knowledge of malware types, malware analysis tools and procedures and ability to report malware analysis output
  • Possession of excellent oral and written communication skills
  • MA or MS degree in Cyber Security, Information Systems, International Security Studies, Political Science, or Business Administration with a focus on IT Administration.
  • Security+, CEH, or CISSP Certifications or penetration testing experience.
  • Foreign language experience with Arabic, Chinese, Farsi, or Russian (or other Cyrillic-based languages) is highly desired.

 

Here are a few more qualifications:

  • Have done cyber security analysis or investigative work
  • Enjoy research and critical analysis
  • Have proven written and oral communication skills
  • Have knowledge of or interest in the current state of cyber international relations, adversary tactics, and advanced persistent threat actor trends
  • Have keen analytical skills, curiosity, agility, and adaptability

CYBER THREAT INTELLIGENCE MALWARE ANALYST #ID006

JOB TITLE
CYBER THREAT INTELLIGENCE MALWARE ANALYST #ID006

LABOR CATEGORY
Mid-Level IT Analyst-G

PROGRAM
CTAD/Technical Analysis and Special Operations Branch

ANNUAL SALARY
74,000

 

YEARS OF EXPERIENCE

  • General Experience: Eight (8) years of experience in intelligence or technical analysis with increasing responsibilities.
  • Specialized Experience: Four (4) years of experience in intelligence or technical analysis with a focus on cyber threats.

 

EDUCATION
A Bachelor’s Degree in Computer Science, Information Systems, English, Communications, History, or other related technical or liberal art discipline. Four (4) years of related experience may be submitted for the degree.

 

DUTIES

Specific duties include, but are not limited to, the following:

  • Team member responsible for the analysis and reporting of technical and intelligence information to provide cyber threat indications, warnings, and trends.
  • Perform assessments of malicious or suspicious software and network activities to determine potential security risks.
  • Prepares and reviews threat reports, assessments, briefings, and other written products.
  • Engage in daily information sharing efforts with counterparts in the Law Enforcement, Intelligence, and Computer Network Defense communities.
  • Participates in inter-agency working groups, conferences, and task forces and provides relevant Department related data.

SENIOR SYSTEM ENGINEER #ID008

POSITION TITLE
SENIOR SYSTEM ENGINEER #ID008

LABOR CATEGORY
Senior IT Analyst

LOCATION
Rosslyn, VA

SECURITY CLEARANCE
Interim Secret Required to Start (TS Preferred)

YEARS OF EXPERIENCE
5+ years in the information security field

EDUCATION
Bachelor’s Degree Required

CERTIFICATIONS
Preferred but not absolutely required:

  • CompTIA Security+
  • ISC2 CISSP
  • Microsoft
  • Cisco CCNA

 

DUTIES

Project Overview:
The team performs threat auditing of a major federal customer’s networks and provides investigative support to counterintelligence and law enforcement elements within the agency.

 

Job Description:
The Senior System Engineer provides infrastructure support across a collection of cyber security tools and custom applications used to provide cyber monitoring for a major federal agency.

 

Specific duties include, but are not limited to the following:

  • Perform and may lead the design and test of complex security related systems to support ongoing deployment on classified and sensitive but unclassified (SBU) networks.
  • Perform testing of infrastructure changes in lab environment to simulate effects on production systems, prepare test plans, and properly document test results.
  • Proactively monitor system performance and improve system architecture to maximize performance and eliminate potential problems.
  • Plan, monitor, and implement backup and recovery of Windows and UNIX/Linux OS’s. Troubleshoot and/or provide technical support in the event of an issue.
  • Work closely with vendors, database architects/administrators, other systems engineers, project/program managers, and government customers to develop, implement, maintain and upgrade IT infrastructure.
  • Publish standards, policies, and procedures, and work with development staff to standardize environment and improve efficiency.

Other support includes licensing administration, troubleshooting system issues and errors, reviewing vendor provided support materials and monitoring system performance and data recoverability in accordance with customer Information Technology policies and procedures.

 

Daily Responsibilities:

  • Support mission-focused infrastructure to ensure performance and availability of system and environment
  • Perform system build-outs, patch management, STIG/Security Compliance/Accreditation, Risk Management Framework, and Group Policy Administration
  • Schedule and coordinate system maintenance activities to reduce impact to production environment
  • Provide desktop support, manage user/administrator permissions, security groups, access requests, and associated documentation
  • Develop and maintain independent Virtual Server Infrastructure and administer storage, networking, compliance, & best practices. Build virtual workstations and servers & maintain resource pools.
  • Provide third party application support (e.g. SPSS)
  • Core work hours are 9:00am – 3:00pm (8 hour work day), Rosslyn, VA

 

QUALIFICATIONS

Required Qualifications:

  • Bachelor’s Degree
  • Interim Secret Required to Start (TS Preferred)
  • Minimum of five years in the information security field
  • Minimum of three years of applied systems engineering experience
  • Enterprise administrative support and deployment of multiple operating systems (e.g. Windows 2008, 2012, Linux)
  • Experience in configuring and troubleshooting Windows servers
  • Understand and utilize Active Directory Domain Services, DHCP, DNS, WINS, TCP/UDP Ports and Protocols
  • Experience working in a virtualized environment (e.g. VMWare)
  • Possesses an understanding of networking fundamentals
  • Possesses working knowledge of firewall administration
  • Possesses working knowledge of MS Office Suite and can provide deliverables to support project deployment on an as-needed basis.

 

Desired Qualifications:

  • Experience with Direct Attached Storage/SAN and RAID.
  • Experience with hardware and input/output evaluation and optimization
  • Experience with Dell hardware
  • Proficiency in process automation using multiple scripting and development tools including, but not limited to: Shell scripting, PowerShell, Perl, Ruby, or Python
  • Working knowledge of information security and IT standards like ISO27002, NIST, ITIL, etc.
  • Understanding of data privacy principles and regulations (breach notification, etc.)
  • Advanced written and verbal communication skills
  • Excellent leadership and teaming skills
  • Demonstrated integrity within a professional environment

Travel: 0% – 10%

SENIOR PENETRATION TESTER #ID009

JOB TITLE
SENIOR PENETRATION TESTER #ID009

LABOR CATEGORY
Senior Engineer/Analyst

LOCATION
Arlington, VA (Rosslyn)

ANNUAL SALARY
98,000

SECURITY CLEARANCE
Secret required/Top Secret preferred

YEARS OF EXPERIENCE
6+

 

EDUCATION
A Bachelor’s Degree in Computer Science, Information Systems, Engineering, Telecommunications, or similar field required. Master’s degree preferred

 

CERTIFICATIONS
Preferred but not absolutely required:

  • OSCP, GIAC GPEN, GWAPT or other Penetration Testing certifications
  • CISSP
  • Certified Ethical Hacker

 

QUALIFICATIONS AND DUTIES

Project Overview:
Provides Penetration testing and Vulnerability Analysis support to a cabinet level federal agency. Contributes to a team of information assurance professionals working to improve technical security posture. Duties include writing reports, briefing event details to leadership, and coordinating remediation with personnel throughout the globe.

Must possess six (6) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging technologies. The candidate must have hands-on experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices and threat modeling. Must be a self-starter with keen analytical skills, curiosity, agility, and adaptability. Must have the ability to work quickly, a willingness to work on ad hoc assignments and to work independently as needed, strong written and verbal communication skills, and a recognition of the importance of being a team player. In addition, the candidate must possess the following skill set:

  • Able to conduct Penetration Tests and Vulnerability Analysis using Automated and Manual TTPs.
  • Have an understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
  • Must be able to use at least two of the following proficiently and instruct others on them: Nessus, Burp, Metasploit Framework/Pro, and the Social Engineering Toolkit.
  • Must have solid working experience and knowledge of Windows and Unix/Linux operating systems
  • Firm understanding of network and system architecture and analysis. Fundamentals of network routing & switching, assessing network device configurations, and operating systems (Windows/*nix)
  • Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming
  • Strong familiarity with at least one of the following: OWASP top 10, PTES and NSA Vulnerability and Penetration Testing Standards.
  • Must be able to work alone or in a small group.

 

Daily Responsibilities:

  • Performs Penetration Tests and Vulnerability Analysis on web and other applications, network infrastructure and operating system infrastructures.
  • Briefs executive summary and findings to stakeholders to include Sr. Leadership
  • Have an understanding of how to create unique exploit code, bypass AV and mimic adversarial threats.
  • Assesses the current state of the customer’s system security by identifying all vulnerabilities and security measures.
  • Helps customer perform analysis and mitigation of security vulnerabilities.
  • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
  • Provides support to incident response teams through capability enhancement and reporting.
  • Mentors Jr and Mid staff members by creating and teaching latest techniques in ethical hacking and vulnerability analysis.

SENIOR CYBERSECURITY SYSTEMS ARCHITECT #ID010

JOB TITLE
SENIOR CYBERSECURITY SYSTEMS ARCHITECT #ID010

LABOR CATEGORY
Principal Engineer/Analyst

LOCATION
Rosslyn, VA

ANNUAL SALARY
120,000

SECURITY CLEARANCE
Interim Secret Required to Start (TS Preferred)

YEARS OF EXPERIENCE
BS or equivalent + 9 years related experience, or MS + 7 years related experience

EDUCATION
Bachelor’s Degree Required

CERTIFICATIONS
Preferred but not absolutely required:

  • CompTIA Security+
  • ISC2 CISSP
  • Microsoft
  • Cisco CCNA

 

DUTIES

Project Overview:
Project supports the IT engineering team of a major federal customer providing security services in support of a mission-critical cyber security monitoring program including engineering and operations support.

 

Job Description:
The Senior Cybersecurity Systems Architect provides support across a collection of cyber security tools and custom applications used to provide cyber monitoring for a major federal agency.

The candidate will provide technical leadership and expertise working independently and in conjunction with other engineers, administrators, analysts, and database administrators as part of an internal operational and infrastructure team. The candidate will also work closely with vendors, project/program managers, and government customers to develop, implement, and maintain the complex security tool infrastructure.

The Senior Cybersecurity Systems Architect’s primary area of responsibility is to support and maintain current capabilities while supporting a project to refresh the current architecture for growth and expansion of capabilities including evaluation, integration and deployment.

The ideal candidate will have a solid understanding of cyber security in the domains of security vulnerabilities, malware TTPs, networking protocols, application development, information exchange models, interface and GUI design and development.

This effort will require a skilled candidate to enable standardized and consistent processes, troubleshooting, implementation of innovative industry approaches and provide significant improvement to current capabilities.

 

Daily Responsibilities:

  • Lead the design and test of complex security related systems to support ongoing deployment on classified and sensitive but unclassified (SBU) networks
  • Support mission-focused infrastructure to ensure performance and availability of system and environment
  • Perform testing of infrastructure changes in lab environment to simulate effects on production systems, prepare test plans, and properly document test results
  • Schedule and coordinate system maintenance and upgrade activities to reduce impact to production environment
  • Develop and maintain independent Virtual Server Infrastructure and administer storage, networking, compliance, & best practices. Build virtual workstations and servers & maintain resource pools.
  • Plan, monitor, and implement backup and recovery of Windows and UNIX/Linux OS’s
  • Assess complex IT environments and map the data flow through systems/applications and organizational functions
  • Proactively monitor system performance and improve system architecture to maximize performance and eliminate potential problems.
  • Troubleshoot and/or provide technical support in the event of an issue.
  • Publish standards, policies, and procedures, and work with development staff to standardize environment and improve efficiency.
  • Licensing administration, troubleshooting system issues and errors, reviewing vendor provided support materials and monitoring system performance and data recoverability in accordance with customer Information Technology policies and procedures.
  • Core work hours are 9:00am – 3:00pm (8 hour work day), Rosslyn, VA

 

QUALIFICATIONS

Required Qualifications:

  • Bachelor’s Degree
  • Interim Secret Required to Start (TS Preferred)
  • Applied systems engineering and networking experience and solid background in the system development lifecycle.
  • Experience implementing and supporting mission-specific applications in a client-server architecture with large scale agent deployment (100,000+)
  • Enterprise support and deployment of multiple operating systems (e.g. Windows 2003 / 2008/ 2012, Linux)
  • Experience with Direct Attached Storage/SAN and RAID
  • Experience with Dell hardware
  • Experience in configuring and troubleshooting security systems and solutions
  • Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Firewall deployment
  • Understand and utilize Active Directory Domain Services, DHCP, DNS, WINS, TCP/UDP Ports and Protocols
  • Working knowledge of information security and IT standards like ISO27002, PCI, NIST, ITIL, etc. Understanding of data privacy principles and regulations (HIPAA, breach notification, etc.)
  • Experience managing a virtualized environment (e.g. VMWare)
  • Possesses working knowledge of MS Office Suite and can provide deliverables to support project deployment on an as-needed basis
  • Advanced written and verbal communication skills
  • Excellent leadership and teaming skills
  • Demonstrated integrity within a professional environment

 

Desired Qualifications:

  • Experience with hardware and input/output evaluation and optimization
  • Experience implementing hyper-converged solutions
  • Experience implementing cross-domain solutions
  • Experience with Dell hardware
  • Proficiency in process automation using multiple scripting and development tools including, but not limited to: Shell scripting, PowerShell, Perl, Ruby, or Python
  • Understanding of data privacy principles and regulations (breach notification, etc.)
  • Demonstrated integrity within a professional environment
  • Experience with integration of multiple types of data sources. Experience with hardware and input/output evaluation and optimization.
  • Familiarity with Security Information and Event Management (SIEM), Anomaly Detection Systems (ADS), and Network Packet Analyzers such as Ethereal/Wireshark
  • Hands-on experience with Data Loss Prevention solutions (Symantec, IBM, RSA, McAfee, etc.)
  • Experience with developing data protection programs and technology solutions to fit client’s IT environment and the culture of the organization
  • Support data loss prevention and data storage security technology solutions, including configuration of agents or network appliances and data policies/rules
  • Endpoint Security Administration / Engineering experience

Travel: 0% – 10%

DATA SCIENTIST/ANALYST #ID012

JOB TITLE
DATA SCIENTIST/ANALYST #ID012

LABOR CATEGORY
Senior Engineer/Analyst

ANNUAL SALARY
98,000

SECURITY CLEARANCE
Secret required (active within the past 2 years) and eligibility for Top Secret

YEARS OF EXPERIENCE
4+ years of experience conducting statistical analysis (to include regression modeling)

 

EDUCATION
Bachelor’s Degree in a quantitative discipline. For example: engineering, computer science, mathematics, statistics, physics, a social science course load that contained a significant quantitative emphasis (economics, political science, psychology, sociology), or other.

 

OVERVIEW
We are looking for a Cybersecurity Data Analyst within the U.S. Department of State’s Cyber Threat Analysis Division (CTAD) that will assist with computational and statistical analytics projects that contribute to the defense of the Department’s networks.

 

DUTIES

  • Work closely with cyber threat intelligence analysts, cyber forensics analysts and incident response teams within CTAD to understand how their challenges can be addressed with data analysis; and help to formulate and carry out strategies for meeting these needs.
  • Perform data set identification, data quality reviews, and data cleaning.
  • Perform or assist with data mining and statistical modeling to discover patterns and relationships that are pertinent to cyber threat intelligence.
  • Communicate results of analyses and actionable recommendations to CTAD personnel in the form of written products.
  • Verbally present findings to a variety of audiences, ranging from peers to senior managers.
  • Build written threat reports to disclose findings and recommendations to remediate the vulnerability and/or threat.

 

QUALIFICATIONS

  • Experience leading a data analytics team responsible for strategy and operational execution to support a customer’s analytical requirements.
  • Knowledge of at least one open-source programming language (Python, R) or one language native to a statistical software package (SPSS, SAS, STATA, MATLAB).
  • Experience producing data visualizations and presenting data analysis findings in written or verbal formats
  • Interest in or knowledge of global political and security issues.
  • Interest in or knowledge of the cybersecurity domain, specifically familiarity with technical indicators of compromise or, more generally, the cyber threat landscape.
  • Familiarity or experience with database administration concepts, to include knowledge of SQL.
  • Familiarity or experience with machine learning concepts and techniques.
  • Experience with Splunk.

Must be a US Citizen.

CHIEF DATA ANALYST #ID014

JOB TITLE
CHIEF DATA ANALYST #ID014

LABOR CATEGORY
Lead Engineer/Analyst

ANNUAL SALARY
85,000

SECURITY CLEARANCE
Secret required (active within the past 2 years) and eligibility for Top Secret

YEARS OF EXPERIENCE
7+ years of experience conducting statistical analysis (to include regression modeling)

 

EDUCATION
Bachelor’s Degree in a quantitative discipline. For example: engineering, computer science, mathematics, statistics, physics, a social science course load that contained a significant quantitative emphasis (economics, political science, psychology, sociology), or other.

 

OVERVIEW
We are looking for a Cybersecurity Data Analyst within the U.S. Department of State’s Cyber Threat Analysis Division (CTAD) who will assist with computational and statistical analytics projects that contribute to the defense of the Department’s networks.

 

DUTIES

  • Work closely with cyber threat intelligence analysts, cyber forensics analysts and incident response teams within CTAD to understand how their challenges can be addressed with data analysis; and help to formulate and carry out strategies for meeting these needs.
  • Perform data set identification, data quality reviews, and data cleaning.
  • Perform or assist with data mining and statistical modeling to discover patterns and relationships that are pertinent to cyber threat intelligence.
  • Communicate results of analyses and actionable recommendations to CTAD personnel in the form of written products.
  • Verbally present findings to a variety of audiences, ranging from peers to senior managers.
  • Build written threat reports to disclose findings and recommendations to remediate the vulnerability and/or threat.

 

QUALIFICATIONS

  • Experience leading a data analytics team responsible for strategy and operational execution to support a customer’s analytical requirements.
  • Knowledge of at least one open-source programming language (Python, R) or one language native to a statistical software package (SPSS, SAS, STATA, MATLAB).
  • Experience producing data visualizations and presenting data analysis findings in written or verbal formats.
  • Interest in or knowledge of global political and security issues.
  • Interest in or knowledge of the cybersecurity domain, specifically familiarity with technical indicators of compromise or, more generally, the cyber threat landscape.
  • Familiarity or experience with database administration concepts, to include knowledge of SQL.
  • Familiarity or experience with machine learning concepts and techniques.
  • Experience with Splunk.

Must be a US Citizen.

DATA ANALYST/ENGINEER #ID016

JOB TITLE
DATA ANALYST/ENGINEER #ID016

LABOR CATEGORY
Mid-Level Engineer/Analyst

ANNUAL SALARY
74,000

SECURITY CLEARANCE
TS/SCI or the ability to gain one

YEARS OF EXPERIENCE
2+

CERTIFICATIONS
1+ cyber certification in the field of network or host-based forensic analysis

 

DUTIES
We are looking for someone who is capable of performing in-depth host-based and network forensic analysis to hunt for and identify cyber actors posing a threat to the Department of State.

  • Examine and operationalize new adversary detection methods to defend the enterprise.
  • Build hypotheses and collection plans to determine normal versus abnormal network and host behavior.
  • Prioritize events using existing tools to correlate data for the purpose of reducing false positives.
  • Build and disseminate threat reports that combine intelligence information, various security events, and networking information.
  • Support cyber security risk assessment of various networks on behalf of the Department.
  • Build written threat reports to disclose findings and recommendations to remediate the vulnerability and/or threat.

 

QUALIFICATIONS

  • Have done cyber threat hunting work
  • Currently hold computer forensics or intrusion detection certifications
  • Enjoy research and thinking critically through problems
  • Have a deep understanding of the Windows operating system and its internals
  • Ability to conduct large scale sweeps using live forensic tools and analytical methodologies
  • Demonstrated ability to write well and to clearly and articulately communicate with a variety of audiences, including executive level personnel
  • Demonstrated experience in cyber security and/or intelligence analysis

Must be a US Citizen.

CYBER SECURITY ENGINEER #ID018

JOB TITLE
CYBER SECURITY ENGINEER #ID018

LABOR CATEGORY
Mid-Level IT Analyst

ANNUAL SALARY
74,000

SECURITY CLEARANCE
Secret required (active within the past 2 years) and eligibility for Top Secret

YEARS OF EXPERIENCE
2+ years of experience conducting statistical analysis (to include regression modeling)

EDUCATION
Bachelor’s Degree in a quantitative discipline. For example: engineering, computer science, mathematics, statistics, physics, a social science course load that contained a significant quantitative emphasis (economics, political science, psychology, sociology), or other.

 

OVERVIEW
We are looking for a Cybersecurity Data Analyst within the U.S. Department of State’s Cyber Threat Analysis Division (CTAD) who will assist with computational and statistical analytics projects that contribute to the defense of the Department’s networks.

 

DUTIES

  • Work closely with cyber threat intelligence analysts, cyber forensics analysts and incident response teams within CTAD to understand how their challenges can be addressed with data analysis; and help to formulate and carry out strategies for meeting these needs.
  • Perform data set identification, data quality reviews, and data cleaning.
  • Perform or assist with data mining and statistical modeling to discover patterns and relationships that are pertinent to cyber threat intelligence.
  • Communicate results of analyses and actionable recommendations to CTAD personnel in the form of written products.
  • Verbally present findings to a variety of audiences, ranging from peers to senior managers.
  • Build written threat reports to disclose findings and recommendations to remediate the vulnerability and/or threat.

 

QUALIFICATIONS

  • Knowledge of at least one open-source programming language (Python, R) or one language native to a statistical software package (SPSS, SAS, STATA, MATLAB).
  • Experience producing data visualizations and presenting data analysis findings in written or verbal formats.
  • Interest in or knowledge of global political and security issues.
  • Interest in or knowledge of the cybersecurity domain, specifically familiarity with technical indicators of compromise or, more generally, the cyber threat landscape.
  • Familiarity or experience with database administration concepts, to include knowledge of SQL.
  • Familiarity or experience with machine learning concepts and techniques.
  • Experience with Splunk.

Must be a US Citizen.