Peraton is seeking a Senior Gap Team Analyst to become part of Peraton’s Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes. You will be a part of the Cyber Incident Response Team.
Location: Arlington, VA.
In this role, you will:
- Provides Threat and Gap Analysis support to a cabinet level federal agency.
- Contribute to a team of information assurance professionals working to improve technical security posture.
- Duties include writing reports, briefing event details to leadership, and coordinating remediation with personnel throughout the globe.
- Analyze Red Cell activities to identify detection gaps.
- Resolve gaps found through monitoring Red Cell activities.
- Provides recommendations for better network security.
- Create new detection methodologies that highlights suspicious activity.
- Briefs executive summary and findings to stakeholders to include Sr. Leadership.
- Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network. vulnerabilities, data hiding and network security and encryption.
- Provide support to incident response teams through capability enhancement and reporting.
- Mentor Jr and Mid staff members by creating and teaching latest techniques in ethical hacking and vulnerability analysis.
- Be a self-starter with keen analytical skills, curiosity, agility, and adaptability.
- Need to work quickly, be willing to work on ad hoc assignments, work independently as needed
- Strong written and verbal communication skills, andNeed to be a team player.
Required:
- A Bachelor of Science degree in Computer Science, Information Systems, Engineering, Telecommunications, or similar field required and a minimum of 5 years of penetration testing experience is required. An additional 4 years of experience may be substituted in lieu of a degree.
- Must possess a minimum of six (6) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging technologies.
- Must have hands-on experience and expertise with threat detection, gap analysis, threat hunting methodologies, and understand the capability of hacking tools and how they are used to exploit vulnerabilities and features in enterprise networks. Previous SOC and Red Team experience is a plus.
- Must have at least ONE of the listed certifications listed:
- CCNA Cyber Ops
- CCNA-Security
- CEH
- CFR
- Cloud+
- CySA+
- GCIA
- GCIH
- GICSP
- SCYBER
- Security+ CE
- SSCP
- Experience analyzing Azure/O365 Logs and their logging platform (eg: Sentinel, Unified Audit Logs, Log Analytics, AAD Audit Logs, Office Activity Logs, etc)
- Have a firm understanding of network and system architecture and analysis.
- Knowledge in and with fundamentals of network routing & switching, assessing network device configurations, and operating systems (Windows/*nix)
- Possess an advanced knowledge of Splunk with the ability to leverage the more advanced statistical features.
- Experience performing incident response using a modern EDR tool.
- Be familiar with NIST Standards on cybersecurity and incident handling (800-53, 800-61)
- Experience with PCAP analysis. (e.g. Wireshark)
- Experience performing forensic analysis on the different Operating systems.
- Experience identifying gaps in detection and creation of detection methodologies to address the gaps.
- Experience analyzing Network Security logs (e.g. Splunk)
- Experience with the MITRE ATT&CK framework
- Familiarity with tools like Nessus, Burp, and Metasploit Framework/Pro.
- Experience Scripting in languages such as PowerShell, Bash, Python, Perl, or Ruby.
- U.S. citizenship and an active Secrect security clearance, with the ability to obtain a final Top Secret security clearance.
Job Type: Full-time
Pay: $86,000.00 - $138,000.00 per year
Benefits:
- 401(k)
- Dental insurance
- Employee assistance program
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Parental leave
- Professional development assistance
- Referral program
- Relocation assistance
- Tuition reimbursement
- Vision insurance
Experience level:
Schedule:
- 8 hour shift
- Monday to Friday
Experience:
- penetration testing: 5 years (Preferred)
Security clearance:
Ability to Commute:
- Arlington, VA 22209 (Required)
Ability to Relocate:
- Arlington, VA 22209: Relocate before starting work (Required)
Work Location: Hybrid remote in Arlington, VA 22209