Immediate Cyber Security Positions Available in San Antonio, TX
% Travel: 25% Travel Necessary
Minimum Clearance: TS/SCI
Location: San Antonio, TX
Certification Requirement: DoD 8570 IAT III (CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH)
OVERVIEW
CS3 is seeking cyber operators with hands-on Intrusion Detection Systems (IDS) and forensic analyst experience. In support of National Cyber Protection Team (CPT) operations, candidates will serve as Cyber Operators filling either a Cyber Security Network Analyst position or Cyber Security Host Analyst position. The operator will conduct network navigation, tactical forensic analysis, collection of valuable operational data, and when directed, execute operations in support of defensive initiatives. Operators will provide support for persistent monitoring of all designated networks, enclaves, and systems. Candidates may be required to interpret, analyze, and report findings in accordance with computer network directives, including initiating, responding, and reporting discovered events. Candidates may be required to manage and execute first-level responses and address reported or detected incidents. Candidates will participate in project review meetings and provide technical INFOSEC guidance and updates; document policies, procedures, and lessons learned accordingly. Candidates must possess excellent written and verbal communication skills.
REQUIREMENTS
One or more of the following:
- Minimum Bachelor’s degree and 2 years’ experience, Associate’s degree with 4 years’ experience, or 6 years’ equivalent experience without a degree; degrees focused on engineering or applied science. Other degrees with strong computer technology curriculum may be considered.
- General knowledge of physical computer components and architectures, including the functions of various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols, security hardware, and software.
- Must meet DoD 8570 IAT Level 3 requirements
- Must complete self-assessment questionnaire, customer pre-screen, skills assessment lab, pass the training and certification program(s) as dictated by the customer, and remain mission ready qualified
- Candidates should be self-motivated and able to work with minimal supervision
- Proficiency in writing, editing, and executing scripts on Windows, Linux, and UNIX systems
- Experience with toolsets such as Wireshark, ELK, Moloch, Metasploit, tcpdump, NMap, Nessus, Snort, Bro, EnCase, Forensic Toolkit, Windows Fundamentals, UNIX fundamentals, exploitation theory, privilege escalation, evidence removal
- Experience with Cyber Threats Detection and Mitigation, Behavioral Malware Analysis
- Experience with Advanced Network Traffic Analysis, Malicious Network Traffic Analysis
- Have strong UNIX/Linux fundamentals along with familiarity with the UNIX/Linux/Windows Command Line Interface (CLI)
- Demonstrated ability to methodically analyze problems and identify potential solutions
- Ability to explain, present, demonstrate (when applicable), and document the operational impact of a particular vulnerability or exploit
- Ability to assist the customer with implementing policies and tactics, techniques, and procedures for conducting assessments
- Familiarity with NIST, DISA STIGs, and experience in conducting DoD vulnerability and compliance assessments
- Possess, or be willing to obtain within 6 months of start date if not already possessed, an Operating System Certification (Microsoft or Linux)
(Preferred) Qualifications
- Experience programming in assembly, compiled, and interpreted languages.
- Experience with encryption and decryption such as PGP, DES, AES, RSA, and PKI.
- Knowledge of distributed systems, process control, advanced routing, wireless, telecom, and datacom platforms.
- Experience programming in C, C++, C#, Ruby, Perl, Python, SQL.
- Certifications such as GXPN, GREM, CCNA, CCNP, CCIE, GCFA, GNFA, RHCE, CompTIA, LPT, OSCP, CEH, Security+, MCP, and SANS GPEN a plus
- Experience working with correlation environment tools (i.e., ArcSight)
Additional Requirements:
Travel may be required up to 25%
Must successfully complete, and maintain, mission qualification requirements
% Travel: 25% Travel Necessary
Minimum Clearance: TS/SCI w/Poly
Location: San Antonio, TX
Certification Requirement: DoD 8570 IAT III (CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH)
OVERVIEW
Serve on a Cyber Protection Team (CPT) in either a Cyber Security Network Analyst position or Cyber Security Host Analyst position. The operator will conduct cyber threat hunting, network navigation, tactical forensic analysis, collection of valuable operational data, and when directed, execute operations in support of defensive initiatives. Operators will provide support for persistent monitoring of all designated networks, enclaves, and systems. Candidates may be required to interpret, analyze, and report findings in accordance with computer network directives, including initiating, responding, and reporting discovered events. Candidates may be required to manage and execute first-level responses and address reported or detected incidents.
REQUIREMENTS
- Experience with toolsets such as Wireshark, the Elastic Stack, Arkime, Zeek, Metasploit, tcpdump, NMap, Nessus, Snort, EnCase, Forensic Toolkit, Windows Fundamentals, UNIX fundamentals, exploitation theory, privilege escalation, evidence removal
- Have strong UNIX/Linux fundamentals along with familiarity with the UNIX/Linux/Windows Command Line Interface (CLI), Bash and PowerShell
- Proficient in writing, editing, and executing scripts on Windows, Linux, and UNIX systems
(Preferred) Qualifications
- Knowledge of cyber forensic collection, preservation, and chain of custody
- Experience with Endpoint Detection and Response (EDR) toolsets, such as Elastic Endpoint Security, CrowdStrike Falcon, and Trellix EDR
- Experience with encryption, decryption, and hashing technologies such as DES, AES, RSA, PKI, SHA, and MD5
- Knowledge of Red Team Tactics, Techniques, and Procedures (TTP)
- Knowledge of distributed systems, process control, advanced routing, wireless, cloud, telecom and datacom platforms
- Experience programming in C, C++, C#, Ruby, Perl, Python, SQL
Additional Requirements:
Must successfully complete, and maintain, mission qualification requirements
% Travel: None
Minimum Clearance: TS/SCI
Location: San Antonio, TX
Certification Requirement: DoD 8570 IAT II
OVERVIEW
The candidate must be able to provide assistance in all aspects of Windows management, including implementation, maintenance, and upgrading of existing devices; implement Security Technical Implementation Guide (STIG) requirements on all Windows systems to support the Risk Management Framework (RMF); troubleshoot network/host issues; and recommend procurement of and/or modifications to system components.
REQUIREMENTS
- Administer various Windows and Linux operating systems
- Administration experience on Windows 2016/2022 server – Forest, Domain trust, AD, DFS, DNS, WINS, DHCP, Group Policy, Distribution lists, Windows folder security, user permissions and local policies
- Administration experience with Microsoft WDS, WSUS and Veeam backup solutions
- Knowledge of Active Directory LDAP service, shell scripting, Certificate services (PKI), AD Site Topology
- Ability to quickly adapt and understand the customer’s environment and learn supporting technologies
- Familiar with use of iDRAC for remote maintenance
- Understanding of VMware’s integration with Dell EMC Storage
- Install and configure vCenter Server, and configure and maintain ESXi servers
- Work with other engineers (UNIX, Windows, VMware, networking, etc.) and operations staff responsible for the hardware, software, and processes that support storage subsystems, and data backup and recovery operations
- Work with network engineer on mission support and operational systems maintenance
- Collaborate with senior infrastructure personnel on the preparation and reconstitution of mission support systems
- Assist in the design, configuration, and maintenance of organizational computer networks
- Perform cyber security and vulnerability assessments of customer network environments
- Perform other duties and projects as assigned by management and/or senior personnel
- Act as a technical resource to assist with resolving critical customer issues
- Familiarity with and ability to leverage Enterprise management tools/utilities such as SolarWinds, protocol analyzers, and network discovery and reconnaissance tools
- Work off hours when required to perform maintenance activities, system upgrades, and data migrations
- Working knowledge of TCP/IP protocol