The job below is no longer available.

Hours Full-time, Part-time
Location Bluemont, Virginia

About this job

Job Description

We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes health/dental/vision/life insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at: https://www.onezerollc.com/careers/


Position Title: Cyber Network Defense Analyst (Tier 2)

Location: FEMA - Bluemont, VA - The position is a hybrid of telework and on-site. 3 days on-site and 2 days telework a week

Shift: 2nd shift - 2-10 PM (Tuesday - Saturday)

Clearance: Top Secret with SCI eligibility. DHS EOD is also required to start on-site.

Program: Federal Emergency Management Agency

Job Description:

Department of Homeland Security (DHS), Federal Emergency Management Agency (FEMA) Security Operations is responsible for preventing, identifying, containing, and eradicating cyber threats to FEMA networks through monitoring, intrusion detection, and protective security services to FEMA information systems, including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public-facing websites, wireless, mobile/cellular, cloud, security devices, servers, and workstations. The FEMA Security Operations is responsible for the overall security of FEMA Enterprise-wide information systems and collects, investigates, and reports any suspected and confirmed security violations.

The ideal candidate will have a basic understanding of cyber threats, information security, security monitoring, threat detection, incident response, and incident handling (NIST SP 800-61). The candidate should be familiar with conducting security monitoring in a SIEM such as Splunk or similar tools. The candidate must be familiar with TCP/IP ports and protocols, IDS/IPS systems, and basic incident handling and response concepts.

The Tier 2 Analyst should have experience with one or more of the following tools:

  • Splunk Enterprise Security
  • CrowdStrike Falcon
  • Swimlane
  • M365 Office and EOP
  • Elasticsearch
  • Axonius

Qualifications:

  • Active Top Secret with SCI eligibility
  • Minimum 3 years of MD&A (Monitoring, Detection, & Analysis) experience
  • Firm understanding of basic network protocols and common network architectures
  • Familiarity with host/network logs and log analysis.
  • Familiarity with common cybersecurity frameworks such as MITRE ATT&CK, MITRE D3FEND, Cyber Kill Chain, etc.
  • Strong communication (writing and speaking) skills and ability to foster and work within a team-oriented environment.
  • Experience in the use of various OSINT tools.
  • Critical thinking and problem-solving skills.
  • Ability to prioritize and triage events.
  • Familiarity with cyber-attack patterns, common IOC, and threat actor actions.
  • Knowledge of common incident response and remediation actions.
  • Experience in writing reports and delivering oral presentations
  • Familiarity with the types of PII and classification levels.

Required Certifications:

  • DoD 8570 IAT II certification

One or more of the following certifications are preferred:

  • CEH
  • GWEB - Web Application Defender
  • GNFA - Network Forensic Analyst
  • CCNA Security
  • CCNP Security
  • CHFI - Computer Hacking Forensic Investigator
  • ENSA - EC Council Network Security Administrator
  • ECIH - EC Council Certified Incident Handler
  • ECSS - EC Council Certified Security Specialist
  • GCIA - Intrusion Analyst
  • GREM - Reverse Engineering Malware
  • GPPA - Perimeter Protection Analyst
  • GISF - Security Fundamentals
  • GMON - Continuous Monitoring Certification

OneZero Solutions, LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access www.onezerollc.com/careers as a result of your disability.

To request an accommodation, please contact us at recruiting@onezerollc.com or call (202) 987-2580.




