Journeyman Cyber Security Analyst Job at Clark Creative Solutions, Port Hueneme, CA

Ni9VdENZSFdjbUcwM0t5UFh3d2RKcVNyK0E9PQ==
  • Clark Creative Solutions
  • Port Hueneme, CA

Job Description

We are seeking a Security Operations Center (SOC) Cyber Analyst (Journeyman or Junior)

Clearance: Top Secret

Location: Pt. Hueneme, Ventura County

Schedule: Onsite in Pt. Hueneme, with flexibility based on mission support requirements

LCAT Level: Journeyman; Junior

Position Description

The Cyber Analyst team member is responsible for the analysis of all technology devices which may include Operational Technology (OT) and Industrial Control Systems (ICS) as well as on-premises and cloud enterprise networks. This includes analysis of device communication, forensic analysis of Windows or Linux systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage. An ideal candidate for this position will be a proactive self-starter who has experience with system administration, Windows and Linux operating systems (OS) mechanics including filesystem structures, disk and memory forensics, cyber aware Operational Technology or Control Systems operators, commonly used mechanisms for maintaining security persistence, privilege escalation, and lateral data movement, operating system log analysis, and triaging suspicious file artifacts for unusual behavior. This role requires a familiarity with what routine OS activities and common software/user behavior looks like in the context of forensic artifacts or timelines. Analysts should also be familiar with common categories and formats of host-based indicators of compromise (IOCs) and how/where they can be leveraged to identify known-bad files/activity on an endpoint. Candidate will utilize the Cyber Kill Chain and synthesize the entire attack life cycle along with creating detailed reports on how impacts may or have occurred.

Responsibilities

  • Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities.
  • Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices.
  • Asses Security Technical Implementation Guides (STIGs) compliance and completion.
  • Utilize asset mapping tools to verify connected inventory.
  • Handle Information Assurance Vulnerability Management (IVAM) notifications.
  • Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions.
  • Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency.
  • Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences.

Qualifications

(Journeyman level) At least 3 years, (Junior level) applicable 1 to 2 years of experience in

security operations, demonstrating analytical duties and preforming host or network security analysis.

  • Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures.
  • Applied knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, DNS, SSH,SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware,

Security Center.

  • Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE CK framework, with the ability to collaborate effectively across multiple locations.

Desired Skill sets

  • Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS)
  • Strong analytical and troubleshooting skills
  • Able to provide expert content development in Splunk Enterprise Security using tstats and datamodels
  • Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances
  • Experience in other tools and protocols as applicable such as Nessus, Endgame, CrowdStrike,Gray Noise, Shodan, Bacnet, MODBus, SCADA systems, and PCAP
  • Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases
  • Familiar with the operations and functions of Nessus or security center management
  • Can assist and provide technical input to research, discover, implement hardware and software
  • Understands importance and fundamentals of logistics and evidence handling
  • Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT technology certification

Examples of other certifications include:

  • Offensive Security Certified Professional (OSCP)
  • GIAC Response and Industrial Defense (GRID)
  • CERT Certified Computer Security Incident Handler
  • ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
  • GCIH (GIAC Certified Incident Handler)
  • GISF (GIAC Information Security Fundamentals)
  • CISSP (Certified Information System Security Professional)

Additional certifications at an equivalent may also be considered.

Job Tags

Full time,

Similar Jobs

Toppers Pizza

Delivery Driver Job at Toppers Pizza

 ...Pizza Delivery Champions Wanted! Join Our Thriving Team as a Delivery Driver! Actively Hiring Zesty Delivery Driver Wanted! Join Our Saucy Team Today! Are you...  ...work schedule! Whether you're an early riser or a night owl, our schedule will fit your pizza passion.... 

ARMM Logistics Corp

Delivery Driver - up to 29 per hour - Bonus of 1000 Job at ARMM Logistics Corp

Delivery Driver position - apply today and start next week! NO EXPERIENCE REQUIRED! EARN UP TO $28.13 HOURLY WITH BONUSES! WILLING TO TRAIN THE RIGHT CANDIDATES! Based in Milpitas. WE DELIVER IN MILPITAS & SAN JOSE! No Commercial Driver's License needed to be a delivery...

Moubius LLC

Cryptocurrency Strategy Venture Partner Job at Moubius LLC

Job Title: Venture Partner Location: Remote Iron Key Capital Iron Key is an investment firm focused on liquid and venture opportunities in crypto. We invest in PreSeed or seedstage Web3 startups focused on the enterprise adoption of utilitydriven ...

Shift Evening

Behavioral Health Technician - FT Evenings Job at Shift Evening

 ...Responsibilities Mental Health Technician (MHT) Full Time schedule available Five 8-hour shifts, to include every other weekend for...  ...easy access to a full complement of inpatient and partial behavioral health programs for children and adolescents, adults, and older... 

VISUAL SOFT, INC

Scrum Master (Various Levels) - Active TS is required Job at VISUAL SOFT, INC

 ...seeking candidates who currently support the agency and are willing to transition to this new task order. Job Title : Scrum Master (Various Levels) an Active Top SECRET required Job Level : Junior (3 yrs exp) and Mid Level (6 yrs exp) No. of Positions : more...