Cybersecurity Analyst
Job Summary
Newberry Group's Public Sector Division is seeking Cybersecurity Analysts with the expertise to support a 24/7 Cyber Network Defense (CND) Operation for Department of Defense networks at Scott Air Force Base in Illinois. This includes analyzing real-time cyber threat intelligence to stay ahead of emerging threats, correlating security events to identify and prioritize potential incidents, conducting network traffic analysis using raw packet data to uncover malicious activity and collaborating with incident response teams to contain and eradicate threats.
Candidates must hold an active DoD Secret clearance. Additionally, candidates must have the ability to obtain an active Top Secret clearance in the future.
Location
Work is to be performed on-site and must have willingness and ability to perform shift work (shifts may not be static).
There are three available shifts: 7am-3pm, 3pm-11pm, and 11pm-7am.
Salary
$95,000 to $125,000
Primary Responsibilities:
- Investigate alerts generated from endpoints, IDS/IPS, NetFlow data, and custom sensors to detect compromises on customer networks.
- Analyze extensive log files, pivot between diverse datasets, and correlate evidence to support incident investigations, creating detailed technical reports outlining your findings.
- Triage security alerts to rapidly identify malicious actors targeting customer networks.
- Monitor and analyze DoD and open-source intelligence feeds to identify Indicators of Compromise (IOCs) and integrate them into security sensors and SIEMs.
- Report security incidents to customers and USCYBERCOM, ensuring timely communication and coordinated response.
- Minimum active DoD Secret clearance with the ability to obtain TS/SCI.
- Current DoD 8570 IAT Level II certification (or higher), such as CompTIA Security+ CE, ISC2 SSCP, or SANS GSEC (or equivalent).
- Ability to obtain DoD 8570 CSSP-A Level Certification (e.g., CEH, CySA+, GCIA, or equivalent) within 180 days of hire.
- Strong foundation in networking, including packet analysis, common ports and protocols, and traffic flow. Knowledge of the OSI model, defense-in-depth security principles, and common security elements for effective threat detection, analysis, and mitigation as a SOC Security Analyst.
- Education and experience requirements:
- Level I: Bachelor's degree and 1+ years of relevant experience; equivalent work experience and/or military service may be considered in lieu of a degree.
- Level II: Bachelor's degree and 3+ years of relevant experience; equivalent work experience and/or military service may be considered in lieu of a degree.
- Proven ability to work effectively both independently and as a collaborative team member, demonstrating initiative and a strong work ethic in both settings.
- Committed to continuous learning and self-improvement in the cybersecurity domain, as evidenced by ongoing pursuit of certifications, active participation in industry forums, and dedication to staying ahead of emerging threats and technologies.
- Excellent problem-solving skills, including the ability to collaborate effectively with cross-functional teams to address complex security challenges in real-world scenarios. This includes the ability to communicate technical information clearly and concisely, build consensus, and drive solutions to completion.
- Reliable and flexible, with a demonstrated willingness to work assigned shifts to support operational requirements and team objectives.
- Located within a commutable distance to Scott AFB, IL.
Preferred Qualifications:
- Hands-on experience analyzing large volumes of logs, network data (e.g., Netflow, Full Packet Capture), and other attack artifacts during incident investigations.
- In-depth experience using a SIEM/SOAR platform to analyze multiple log types and events across various data points, applying techniques such as behavioral analysis, statistical analysis, and machine learning to detect and respond to advanced threats.
- Comprehensive understanding of the network threat lifecycle, attack vectors, and methods of exploitation, including intrusion set tactics, techniques, and procedures (TTPs).
- Experience with Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, and Network Forensics tools.
- Experience or knowledge in monitoring, defending, or administering cloud networks (e.g., AWS, Azure, GCP), including cloud-native security tools and strategies for protecting data in cloud environments. Experience identifying and mitigating cloud-specific attacks.
- Experience managing, defending, administering, or deploying mobile devices (iOS, Android) for enterprise, including mobile device management (MDM), mobile application management (MAM), and mobile threat defense (MTD). A strong understanding of mobile security best practices and mobile threat landscape is highly desired.
- Scripting and programming skills.
Newberry Group is a performance-driven government services and solutions firm that provides security compliance, program governance, consulting, and customized solutions for public sector clients nationwide.
The strength of our company is a direct reflection of our highly skilled and talented workforce.
Benefits and Perks
In addition to competitive wages, Newberry Group offers an outstanding benefits package. This includes medical coverage with two plan options (HDHP or PPO), dental and vision coverage, personal time off, paid holidays, parental leave program, telecommuting if available, retirement savings accounts (Pre Tax and Roth), flexible and dependent care savings accounts, life insurance, long and short-term disability coverage, tuition and training reimbursement, and employee assistance program.
The Newberry Group, Inc. is an Equal Opportunity Employer – EEO/AA/Disability/Veterans.