Cybersecurity Analyst
SAIC · San Antonio, Texas, United States
Defense and Space Manufacturing · 10,001+ employees
About the role
Act as a tool administrator for Armis and a Tier 3 SOC analyst, managing baseline configurations and policies. Perform cybersecurity defense, incident investigation, and threat analysis to protect state government agency systems.
What they look for
Requirements
Requires a BS degree with 5+ years of experience (or equivalent advanced degree) and Security+ and Armis 201 certifications. Candidates must be US citizens capable of passing a CJIS criminal justice background investigation.
Full description
Science Applications International Corporation (SAIC) is seeking a senior network security analyst to join our team supporting a major state & local government customer. This position reports to the Security Director. This is an on-site role to act as an analyst and tool admin for Armis.
Essential duties of this position include:
- Hybrid role as an Armis Centrix tool admin and SOC Tier 3, with the potential to be required to support Security Incident Response Team operations.• Supports dedicated work functions for state government agency.
- Own and manage baseline configurations, policies, and implementation of front-end operations for Armis.
- Work with Armis as a vendor for architecture and engineering implementation concerns.
- Performs network security, cybersecurity defense & analysis, incident response, threat analysis, exploitation analysis, vulnerability analysis, and incident investigations.
- Work is performed in a State Agency managed Security Operations Center (SOC).
- Duties are primarily categorized as Tool Admin and Analyst, Incident Investigation and Response, Security Operations, Incident Management, or similar roles.
- Utilizes COTS/GOTS applications, ticketing systems, lab systems, forensic applications, and/or custom tools, techniques, and procedures (TTPs) to monitor systems for abnormal events and determine if events are to be deemed an incident.
- Determines if incidents are due to malicious or suspicious actions by one or more threat actors.
- Utilizes threat intelligence to determine if the incident is part of a named campaign to determine appropriate levels of response, or provide new intelligence based on investigative actions to threat intelligence teams, organizations, and/or external parties.
- Obtains information and evidence for legal proceedings or to provide to government counterparts for possible military, law enforcement, and/or counter-intelligence response actions/activities, Human Resources investigations, and/or management action.
- Works with system owners to restore affected systems to secure baseline configurations.
- Coordinates with contracted vendors for incident control.
- Researches, evaluates, and recommends new security tools, techniques, and technologies.
- Supports cyber metrics development, maintenance, and reporting for managed tools.
- Provides briefings to senior staff and/or state government agencies executive staff.
SAIC® is a premier mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, intelligence, and civilian markets includes secure high-end solutions in mission IT, enterprise IT, engineering services, and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.
We are approximately 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.3 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.