Cask is a leading Management Consulting firm specializing in delivering business and technical expertise to clients across commercial and government markets. Join the many happy employees at Cask! We have been named a top 5 firm to work for by Consulting Magazine for 5 of the past 6 years.
- 2 years of experience as an instructor in threat analysis or 3 years of experience in a leadership position, with 4 or more direct reports, in an organization such as a Security Operations Center, a Cyber Emergency Response Team, a Cyber Protection Team/Blue Team or a Red Team/Cyber Mission Team.
- Demonstrated experience training and developing subordinates on foundational areas such as network and host analysis, JQR, mission qualification, and KSAs related to their assigned work role.
- Correlation of data from multiple sources, including host, network, user, and intelligence reports, to uncover threats.
- Collection, aggregation, and interpretation of log data from various sources.
- Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems, including fine-tuning security rule sets for tools such as Suricata, Snort, Yara, and Sigma.
- Deep packet inspection and identification of malicious traffic using packet analysis tools, such as Wireshark or NetworkMiner.
- Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies.
- Provide input into DCO mission products such as pre-mission planning briefs, situation reports, post-mission documentation, after action reports and lessons learned at the conclusion of events such as operations, exercises, and training.
- Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government-provided solutions.
- Individual should meet DoDM 8570.01 IAT Level III position requirements.
- Associate degree or higher in Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering from an accredited college or university, 2 years of experience in the field, and CASP+, CCSP, Cloud+, or CISSP certification.
- OR 4 years of experience as a Threat Analyst with experience in either host analysis or network analysis, managing SIEM or SOAR platforms such as Elastic, Splunk, Sentinel or other open-source or government-provided solutions.
- OR 4 years of experience in Offensive Cyber Operations as an Exploitation Analyst.
- OR 4 years of experience in the SIGINT community as a Target Digital Network Analyst or Digital Network Exploitation Analyst.
CLEARANCE REQUIREMENT:
Must currently possess or be able to obtain a TS/SCI with Poly security clearance.
STATUS: Contingent on Contract Award
Cask is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, among other things, or status as a qualified individual with a disability.
EEO/Employer/Vet/Disabled