Cyber Threat Analyst - Pyeongtaek - Integration Innovation, Inc. (i3)와 관련된 현재 작업


  • Pyeongtaek-si, 대한민국 Global Dimensions 풀타임

    Global Dimensions is a HUBZone, service disabled, veteran-owned small business based in Fredericksburg, VA. We are a dynamic, expanding company with exciting opportunities in language/culture, training/education/instruction, IT, cyber security, and intelligence (analysts, CI, HUMINT, SIGINT, etc.). Global Dimensions is currently seeking an Operational...


  • Pyeongtaek-si, 대한민국 Booz Allen Hamilton 풀타임

    Joint Electromagnetic Spectrum Operations Planner The Opportunity: As a Joint Electromagnetic Spectrum Operations (JEMSO) Planner, you ask questions others don’t. You understand the nuances of an invisible domain of warfare. You use your skills to think bigger and push farther, solving complex problems. We’re looking for someone like you to help...

Cyber Threat Analyst

3 개월전에


Pyeongtaek, 대한민국 Integration Innovation, Inc. (i3) 풀타임
Overview

Come Join Our Team

Fast-paced, dynamic, and rewarding environment supporting regional defense efforts.

This project delivers defensive cyberspace operations (DCO) support to Cyber Security Service Provider Division (CSSP-D), US Army Regional Cyber Center-Korea.

The CSSP-D environment includes any hardware, software, application, tool, system, or network used by the Government, whether developed, leased, or commercially purchased.

Our operations are based on-site at Camp Humphreys, South Korea. Employees are authorized to receive a Living Quarters Allowance, a Cost-of-Living Allowance, and relocation expenses.

Additionally, our employees are eligible for reimbursement for school-aged children to attend either Department of Defense Education Activity schools (space available) or local school of choice.

What is the position?


As a Cyber Threat Analyst, you will be required to defend against unauthorized activity on all Army assets residing on NIPRNet, SIPRNet, and CENTRIX-K.

Your work will include current and new systems at various lifecycle stages, and any future applications/systems not currently identified.

This includes activities from external hackers who may attempt to gain unauthorized access, insider threat attempts for unauthorized access, and policy violations that may impact network security and operations.

You will be required to continue performance during peacetime, crisis, hostilities, and war operations.

This is a contingent position with an expected start date in August 2024.

Responsibilities

  • Recognize a cyber security incident and take appropriate action to report the incident and preserve evidence, mitigating any adverse impact, and devising defensive measures.
  • Support Disaster Recovery (DR) and Continuity of Operations (COOP) Capability.
  • Synchronize DCO programs with ARCYBER personnel as required via working group participation to develop, research, publish, test, and annually update Deliverables, Standard Operating Procedures and Tools, Tactics, Techniques and Procedures (TTTP) related to Cyber Defense, Live Incident Handling Analysis, Cyber Threat Analysis, Threat Detection, Computer Defense Assistance Program (CDAP), and the Cyber Intrusion Analysis Program (CIAP).
  • Cybersecurity Service Provider (CSSP) accreditation.
  • Conduct monthly training on specific DCO topics derived from previous incident analysis, security testing, lessons learned, and other self-directed research/study.
  • Conduct Computer Defense Assistance Program (CDAP) missions IAW AR 380-53, Communications Security Monitoring.
  • Support an NDA team to travel to the incident location within 4 hours of notification.
  • Make recommendations for software tool development or upgrade (may include supported hardware) in support of internal defensive measure to narrow gaps within existing enterprise solutions.
  • At least twice annually, define current DCO posture and capabilities for supported networks, identify gaps with current DCO posture, generate a detailed analytical report for gaps found, and provide input to implementation plans.
  • Coordinate, de-conflict, and employ internal defensive measures within the DoDIN.
  • Assess new technologies and devices relevant to DCO.
  • Participate in exercises and assist with the development, planning and support of exercises such as Gaining Cyber Dominance or other cyberspace defense engagements.
  • Support Cyberspace Operations (CO) and DCO mission planning, mission analysis, and technical analysis.
  • Provide situational awareness of evolving network threats trends.
  • Participate in ARCYBER Cyberspace Operations (CO) meetings, conferences, and working groups.
  • Provide DCO Network Security Monitoring, Detection, and Analysis.
  • Analyze and correlate anomalous events identified in Security Information Event Management (SIEM) systems, Big Data Analytics, and supporting devices/applications.
  • Analyze, correlate, and trend anomalous events and incidents to identify and characterize the threat or incident.
  • Conduct exploratory and in-depth analysis of network traffic from security devices, analysis of host-based audit logs, malware analysis, trending of incident reports, correlation of classified and open-source threat reporting, and linkages/integration with other DCO agencies.
  • Implement mitigation measures in response to general or specific Advanced Persistent Threats (APT), (attempted exploits/attacks, malware delivery, etc.) on the respective networks.
  • Develop, staff, coordinate, and execute Incident Response investigations for the operational environment (NIPRNet, SIPRNet and CENTRIX-K).
Qualifications

  • Active DoD TS/SCI clearance.
  • Bachelor's degree or higher from an accredited college or university in one of the following fields: Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, Computer Engineering, Mathematics or Engineering.
  • Any of the following certifications can be substituted for a Bachelor's degree: CCSP or CEH or CFR or Cloud or CySA or GCED or GICSP or PenTest.
  • If substituting certification for a Bachelor's degree, a HS diploma or GED is required in addition to the certification.
Preferred Qualifications

  • Familiarity with Kali Linux and the Metasploit tool suite, Burpsuite Pro, wireless security tools and assessments, Cobalt Strike, Firewalls, Intrusion Detection and Prevention Systems, and other security assessment tools.
  • Previous experience in an equivalent position.
About i3


Headquartered in Huntsville, AL, i3 is a national leader in providing innovative technical and engineering solutions to a broad customer base across the U.S.

DoD.

Specializing in missile and aviation engineering and logistic services, electronic warfare and electromagnetic affects analysis, UAS system integration and flight operations, full lifecycle C5ISR engineering services, engineering analysis, cybersecurity and IT/IA innovative solutions and virtual training, simulation & serious game development and implementation.


  • We were founded in 2007 with the intent to do business differently.
  • Our focus is to leave our team members and customers better than we found them.
  • Our ultimate goal is to strengthen our Nation and our warfighter.

Perks and Benefits at i3:

  • 100% team member owned
  • Outstanding insurance coverage
  • 401(k) match
  • Health and wellness incentives
  • Tuition and certification reimbursement
  • Generous PTO
  • Fun culture with company activities
  • Countless opportunities to give back to the community through our charitable organization, i3 Cares
We work hard. We compete hard. We play hard. Apply now to join us

Job LocationsKR-Pyeongtaek

ID
Business Unit ITCE

Type Full-Time

Clearance Top Secret Required