Cyber Defense Analyst (Mid)

OverviewCyber Defense Analyst — Washington DC / HybridPay from: $105,000/yrResponsibilitiesIdeal candidate will be a part of the Federal Client's SOC team and will coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidentsPerform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network securityPerform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediationPerform cyber defense trend analysis and reportingPerform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systemsReceive and analyze network alerts from various sources within the enterprise and determine possible causes of such alertsTrack and document cyber defense incidents from initial detection through final resolutionEmploy approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness)Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterpriseCoordinate with intelligence analysts to correlate threat assessment dataMonitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterpriseCoordinate incident response functionsQualificationsExperiences Cyber AnalystActive DoD Secret Clearance is required5+ years of experience working as a Cyber Analyst with experience in malware analysis, digital forensics, data/network analysis, pen testing, incidence response handling, hardening and/or information assuranceExtensive understanding of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologiesKnowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored)Strong understanding of system administration, network, and operating system hardening techniqueFamiliarity with common networking and routing protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communicationsKnowledge of incident categories, incident responses, and timelines for responsesExperience running damage assessments is a plusExcellent communication skills both written and verbalAbility to work well with senior leadershipStrong attention to details and solid documentation skillsActive CEH, CSIH, GCIH, GISF, GIAC or CISSPBachelor's Degree is requiredQuadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability.Healthcare benefits are offered to all eligible employees according to compliance mandated by the Affordable Care Act. #J-18808-Ljbffr

Created: 2025-09-17