Overview: Responsibilities:

• Defend against unauthorized activity on the Army's classified and unclassified networks.
• Analyze and prepare reports on activities from external hackers who may attempt to gain unauthorized access, insider threat attempts for unauthorized access, and policy violations that may impact network security and operations.
• Support DCO Network Security Monitoring, Detection, and Analysis; coordinate, de-conflict, and employ internal defensive measures; assess new technologies and devices relevant to DCO, conduct exploratory and in-depth analysis of network traffic from security devices, analysis of host based audit logs, malware analysis, trending of incident reports, correlation of classified and open source threat reporting, and linkages/integration with other DCO agencies.
• Analyze and correlate anomalous events identified in Security Information Event Management (SIEM) systems, Big Data Analytics, and supporting devices/applications.
• Recognize a cyber security incident, taking appropriate action to report the incident and preserve evidence, mitigating any adverse impact, and devising defensive measures, perform initial analysis on captured volatile data, log data, captured network traffic data, etc. to identify any immediate intrusion related artifacts which in turn will allow immediate defensive countermeasures to be implemented.
• Report incidents to law enforcement and counterintelligence agencies and implement mitigation measures in response to general or specific Advanced Persistent Threats (APT), (attempted exploits/attacks, malware delivery, etc.) on the respective networks.
• Participate in Incident Response investigations for the operational environment (unclassified and classified) and provide situational awareness of evolving network threats trends.
• Synchronize DCO programs with US Army Cyber (ARCYBER)as required via working group participation to develop, research, publish, test, and annually update Deliverables, Standard Operating Procedures and Tools, Tactics, Techniques and Procedures (TTTP) related to Cyber Defense, Live Incident Handling Analysis, Cyber Threat Analysis, Threat Detection, Computer Defense Assistance Program (CDAP), and the Cyber Intrusion Analysis Program (CIAP).
• Participate in ARCYBER Cyberspace Operations (CO) meetings, conferences, and working groups and support Disaster Recovery (DR) and Continuity of Operations (COOP) Capability.
• Support Cybersecurity Service Provider (CSSP) accreditation and participate, if tasked, in exercises and assist with the development, planning and support of exercises such as Gaining Cyber Dominance or other cyberspace defense engagements.

Qualifications:

• Bachelor’s degree or higher from an accredited college or university (Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field) or CCSP or CEH or CFR or Cloud+ or Cy SA+ or GCED or GICSP or Pen Test+.
• Meet Do D 8140 Certification requirements.
• Active TS/SCI security clearance.
• Must be able to maintain the level of clearance needed for this position.
• U.S. Citizenship is required.

About i3:

• We were founded in 2007 with the intent to do business differently.
• Our focus is to leave our team members, our customers and our communities better than we found them.
• Our ultimate goal is to strengthen our Nation and our warfighter.

• 100% team member owned
• Outstanding insurance coverage
• 401(k) match
• Health and wellness incentives
• Tuition and certification reimbursement
• Generous PTO
• Fun culture with company activities
• Countless opportunities to give back to the community through our charitable organization, i3 Cares