Cyber Security Analyst

  • ISC Consulting Group
  • Grovetown, GA 30813, USA
  • Nov 09, 2020
[Information Technology]

Job Description

About ISC Consulting Group

ISC is a Veteran Affairs Certified Service-Disabled Veteran-Owned Small Business (SDVOSB) headquartered in Sierra Vista, Arizona. Our mission is to enable superior decision making through information dominance. ISC provides advanced education, analytic and technical solutions within strategic DOD and commercial markets. We leverage the best minds and technologies to make a measurable difference.

We specialize in delivering mission-critical services within the Intelligence Community and the U.S. Military, as well as the Federal Government and key commercial clients. ISC's core competencies include C5-ISR, IT Management Operations & Cyber Security, Instructional Solutions, Test & Evaluation Management Operation Services, and Big Data Business Intelligence and Data Analytics.

At ISC, our primary commitment is to provide client-driven excellence. This is only possible because of our most important asset, our people. We are recognized by our team members as the best place to work and develop a career, serving our clients with pride and professionalism. Our corporate culture reiterates the importance of "Mission first, people always."

Contract Overview

This requirement is to provide Information Technology services and support for enhancement, maintenance, and security of the Cyber Center of Excellence (CCoE) G6's Network, Enterprise Level Solutions, and IT Services.

Position General Responsibilities

  • Provide Cyber Security expertise, including feasibility studies, technical evaluation, justification, acquisition/procurement, installation, implementation, management, and administration of IT systems including virtualized infrastructures and systems (ex. VMWare and OpenStack).
  • Assist in the administration of an effective Cyber Security program that involves providing advice, guidance, and assistance on the management of organizational risk. Stay abreast of changes to Joint, DOD and Army doctrine as it pertains to cyber security and risk management.
  • Stay up to date on IT news regarding network security and future trends in Cyber Security (ex. cloud computing security).
  • Maintain the CCoE security posture with proper certification and accreditation procedures/documentation/mitigation through continuous monitoring of CAT I and CAT II/III findings.
  • Update, maintain and test the Disaster Recovery Plan and Continuity of Operation (COOP) to reflect changes in the IT environment.
  • Assist in the coordination of vulnerability assessments, inspections, tests and reviews of the CCoE's information systems and processes.
  • Provide contact with customers, maintain good customer relations, and understand and apply the processes of IT project management.
  • Synthesize system requirements, identify and assess alternative solutions, and prepare the recommendation in document and/or briefing format. Present options to the customer for implementation. Sample expertise includes the preparation of security policies, security plans, user's guides, system administrator guides, or network security design documents.
  • Responsible for either generating and/or coordinating the compiling of all document deliverables required for Certification & Accreditation (C&A).
  • Process, track and manage C&A packages into applicable systems (ex. eMASS).
  • Receive and analyze network alerts from various sources within the NE or enclave and determine possible causes of such alerts.
  • Coordinate with Computer Network Defense (CND) staff to report, resolve, mitigate, and validate network alerts.
  • Report lost/stolen/compromised Serious Incident/Personally Identifiable Information (SI/PII) to the Information Systems Security Manager (ISSM).
  • Perform analysis of log files from a variety of sources within the NE or enclave, to include individual host logs, network traffic logs, firewall logs, and intrusion detection system logs.
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Monitor external data sources (e.g. CND vendor sites, Computer Emergency Response Teams, SANS, Security Focus) to maintain currency of CND threat condition and determine which security issues may have an impact on the NE or enclave.
  • Implement and enforce policies and procedures reflecting the legislative intent of applicable laws and regulations for the Network Environment (NE).
  • Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
  • Provide recommendations to the Cyber Security Division Chief for NE security requirements specific to an IT acquisition for inclusion in procurement documents.
  • Recommend resource allocations required to securely operate and maintain an organization's Network Environment Information Assurance (NE IA) requirements.
  • Participate in an IS risk assessment during the C&A process.
  • Provide recommendations to the Cyber Security Division Chief for security requirements for hardware, software, and services acquisitions specific to NE IA security programs.
  • Ensure that IA and IA enabled software, hardware, and firmware comply with appropriate NE security configuration guidelines, policies, and procedures.
  • Assist in the gathering and preservation of evidence used in the prosecution of computer crimes. The contractor shall provide assistance and support as directed by CCoE officials and Government investigators.
  • Ensure that NE IS recovery processes are monitored and that IA features and procedures are properly restored.
  • Review IA security plans for the NE.
  • Identify alternative functional IA security strategies to address organizational NE security concerns.
  • Ensure that IA inspections, tests, and reviews are coordinated for the NE.
  • Review the selected security safeguards to determine that security concerns identified in the approved plan have been fully addressed.
  • Evaluate the presence and adequacy of security measures proposed or provided in response to requirements contained in acquisition documents.
  • Support CCoE G6 to provide leadership and direction to NE personnel by ensuring that IA security awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities.
  • Make recommendations to the Cyber Security Division Chief and implement programs to ensure that systems, network, and data users are aware of, understand, and follow NE and IA policies and procedures.
  • Advise the Cyber Security Division Chief of Designated Approving Authority (DAA) level changes that affect the NE IA posture.
  • Support NE physical security assessments and recommend corrective actions as they relate to cybersecurity weaknesses.
  • Help prepare IA certification and accreditation documentation.
  • Ensure that compliance monitoring occurs, and review results of such monitoring across the NE.
  • Assist in administrative tasks such as budget creation, account creation, task management, etc.
  • Serve as Trusted Agent or LRA for SIPRNET Public Key Infrastructure Tokens.
  • Create and/or maintain IT CCoE guidance (includes policies, SOPs, TTPs, etc.) and conduct inspections for user adherence.
  • Attend meetings directly related to duties IAW PWS to gain insight and/or provide subject matter expert (SME) guidance. Take legible notes and be able to provide them upon request.

Position Qualifications

  • Have a minimum of three (3) years of work experience in the area of Information Assurance, Cyber/Information Security.
  • Have at least one (1) year of Certification and Accreditation & Cyber Risk Management experience: DoD RMF (DoD 8500, DoD 8510, NIST 800-37/-53), and DCID 6/3 and ICD 503 processes and implementing frameworks by performing risk assessments, system certification, and accreditation at all classification levels (NIPRNET, SIPRNET, and JWICS).
  • Have at least one (1) year of experience in security incident handling/incident response process, methods, and coordination with Regional Cyber Center-CONUS (RCC-C), Regional Network Enterprise Center (RNEC), NEC, etc.
  • Have demonstrated knowledge of network threats, attacks, and other methods of exploitation, and the ability to develop Tactics, Techniques, Procedures (TTPs) to mitigate, deter, and respond. (Threat Vulnerabilities and Reporting; Threats Reconnaissance; Digital Forensics; Social Engineering/Phishing; Syslog Monitoring)
  • Have knowledge of Cyber Security practices for cloud and virtual environments (ex. AWS, MS Azure, VMware, and OpenStack).
  • Have working knowledge of application assessment, application security vulnerabilities, code review methodologies, and secure coding practices.
  • Have strong knowledge of the development of CCoE Policy (Policies, SOPs, TTPs, etc.) and the conduct of the associated inspections for user adherence to the CCoE policy developed.
  • Certifications Required - all of the following are required:
  • Baseline certifications. Approved baseline certification information: . Note: CEH will satisfy baseline certifications for both CSSP Auditor and CSSP Analyst
  • CSSP Auditor: CEH (red), CySA+ (blue), CISA, or GSNA and
  • CSSP Analyst: GCIA, CEH (red), CySA+ (blue), GCIH
  • Computing Environment (CE) certifications: N/A - only required for IAT IAWF positions.
  • Be monitored in the Army Training and Certification Tracking System (ATCTS).
  • Successfully complete Information Assurance Fundamentals online course and exam at
  • Complete the Privileged Level Access Agreement (PLAA) annually.

  • The Personnel Security Standard for this position is IT-I (Personnel in IA positions with privileged-level access to control, manage, or configure IA tools or devices, individual and networked IS and devices, and enclaves).

ISC Consulting Group is an Equal Opportunity/Affirmative Action/VEVRAA Federal Contractor. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.

ISC Consulting Group gives preference to Internal Candidates. If no internal candidate meets our qualifications, external candidates will be given consideration.
