Defensive Counter Cyber Analyst with Security Clearance

What You Will Be Doing Tyto Defensive Counter Cyber Analyst has the ability of the AFCERT to complete its mission is dependent upon accurate, timely and thorough conduct of network traffic analysis and log analysis to evaluate intruder activities utilizing host and network-based monitoring and system logs. In addition, will be responsible correlating information gathered to provide the AFCERT effective methods to protect AF networks and associated domains and enclaves related to the AFCERT ACD weapon system for mission execution. Tyto Defensive Cyber Analyst my be be required to provide 24 hour coverage (shift work) for seven (7) days a week, 365 days a year with zero tolerance for error. Responsibilities: * Perform threat hunting for suspicious activity based on anomalous activity and indicators of compromise from various intelligence sources and toolsets. * Comply with 3rd party MOU/MOA monitoring and reporting requirements. (CDRL A002) * Identify intrusions and vulnerabilities and recommend mitigation strategies and techniques to secure networks. * Identify, analyze, and develop defensive counter cyber measures to thwart advanced persistent threats and intrusions of AF networks, domains and enclaves. * Conduct and support Defensive Counter Cyber Operations to interactively search for Advanced Persistent Threats (APT) and Indicators of Compromise (IOC) using enhanced data collection and analysis methods. * Provide incident response impact assessments. * Produce network security posture assessments. (CDRL A008) * Analyze systems for suspicious activities related to the DCO mission * Determine exploitation methods and attack vectors. * Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate. * Create and document metrics for reporting and analysis to improve weapon system processes, procedures, and mission execution. (CDRL A009) * Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures. (CDRL A002) * Provide requested information to operational flight commander as it relates to the Incident Response processes and procedures. * Utilize the Mitre ATT&CK Matrix in performance of duties. Qualifications: * TS/SCI clearance * 5+ years of experience with extensive knowledge of Operating systems fundamentals (Windows and/or Unix/Linux) * System administration (Windows and/or Unix/Linux) * Network traffic analysis * Penetration testing * Network security * Incident response & Incident response handling * Computer and network forensics * Vulnerability and malware analysis * Extensive knowledge of network firewalls, computer and server log analysis, computer network servers (DNS, proxy, e-mail, domain controller, file server, Active Directory) and analysis of their logs * Extensive knowledge of digital evidence collection, handling, and security * Experience with computer incident response and analysis and report dissemination * Extensive knowledge and experience with network packet capture and analysis software such as WireShark (Ethereal) and Snort * Experience with standard DoD network topology and DMZ boundary protection * Experience with system analysis software (i.e. EnCase/EnCase Enterprise or FTK), software coding and debugging, and the virtual machine (VM) environment * Expert knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects) * Available for shift work Equal Opportunity Employer: Disability/Veteran About Tyto AtheneTyto is an IT services and solutions company that provides mission-focused digital transformation to enhance the client experience and enable them to achieve desired outcomes. Tyto''s services and solutions embody its domain expertise in four major Technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. Tyto offers a broad range of service delivery models including design/install projects, Managed Services, and ''As-a-Service''. With over fifty years of experience, Tyto supports Defense, Intelligence, Space, National Security, Civilian, Health and Public Safety clients across the United States and around the globe. After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise. Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it''s time to join Team Tyto! Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Created: 2025-10-04