Cyber Watch Analyst

Location: Chantilly, VA
Date Posted: 03-06-2018
RCT Systems is seeking a Cyber Watch Analyst who installs, supports, maintains and monitors IT Storage Area Network (SAN) infrastructure for reliability and uptime. Architects, designs, implements and maintains complex enterprise SANs and data backup recovery systems. In collaboration with other architecture and engineering teams (systems engineering, database administration, network operations and applications development), analyzes and designs enterprise storage systems used for customer data management, high-transaction database processing, and storage. Working with others, analyzes and translates business requirements into a solution design for new installations or upgrades to existing platforms. Manages and provides operational support for data availability and retention systems such as server and SAN-based backups and enterprise-level backup solutions.
  • Work a 12-hour shift on the Computer Incident Response Team (CIRT) Watch Floor
  • The position is shift work with varying schedules by week.
  • Collaborate between CIRT elements as necessary during incident detection and response stages
  • Respond promptly to all requests for support, whether by telephone, e-mail or instant messenger
  • Create releasable finished intelligence products and reports for the IC as well as IC Senior Leadership
  • Maintain incident case management database for all reported incidents
  • Analyze incidents and events captured in the Case Management Database for trends, patterns, or actionable information
  • Review incidents and events captured in the Case Management Database after closure for investigative sufficiency and timeliness
  • Leverage existing business processes and where necessary define and document new repeatable business processes and procedures
  • Research external information on events, incidents, outages, threats, and technical vulnerabilities
  • Coordinate and disseminate the best course of action for the IC enterprise during cybersecurity events, incidents, outages, threats and technical vulnerabilities with IC-IRC fusion analysis team
  • Assess incidents to identify type of attack, estimate impact, and collect evidence
  • Must have active TS/SCI with Poly 
Required Qualifications:
  • Bachelor's in Cybersecurity, Information Security, Information Technology, Computer Science/Engineering, Network Engineering, or Computer Forensics.
  • Minimum 1 year of experience in 3 or more of the following: technical analysis, network engineering, network security, offensive experience, technical collection, penetration testing, "red teaming" and computer exploitation.
  • Minimum 6 months experience working with Security incident and event management
  • Minimum 6 months experience working with a Security or Network Operations Center
  • Proficient in at least one of the following tools/techniques: HP OpenView, FireEye, SolarWinds, ArcSight, Websense
  • Bachelor's Degree equivalent - Minimum of 4 years of experience in Cybersecurity, Information Security, Information Assurance, and Information Technology, Electrical Engineering, Network Engineering, Computer Science/Engineering, Computer Forensics, or related technical field. Experience used as equivalency for college degree must be in addition to other experience requirements.
Desired Qualifications:
  • Relevant Certifications: CISSP, CCFP, CCSP, CEH, GCFS, GCIA


RCT Systems is an Equal Employment Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.