Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.
The DHS CBP SOC Program has a critical need for a Tier 1 Cyber Threat Analyst. This is a full time funded position based in Alexandria, VA. This position does not have Telecommuting Options.
The ideal candidate will have a basic understanding of cyber threats, information security, and monitoring and detection. The candidate must be familiar with TCP/IP ports and protocols, intrusion detection systems, and netflow analysis.
Duties and Responsibilities:
Perform network security monitoring and detection. Proactively searching for threats. Inspect traffic for anomalies and new malware patterns. Investigate and analyze logs. Provide analysis and response to alerts, and document activity in SOC investigations and Security Event Notifications (SENs).
EDUCATION & EXPERIENCE:
Requires BS degree and 2 to 4 years of relevant experience or Masters Degree with less than 2 years of relevant experience. Four years of related experience may be considered in lieu of a BS degree, with strong preference toward recent applicable cyber experience and/or certifications
Minimum of a current Secret Clearance with the ability to obtain TS/SCI
In addition to specific clearance requirements all Department of Homeland Security CBP SOC employees are required to have or be able to favorably pass a 5 year (BI) Background Investigation.
Between 1-3 years of Cyber Threat Analysis experience
Security+ Certification or equivalent in industry certification, background and knowledge.
Knowledge of TCP/UDP/IP networking, familiarity with packet analysis tools such as WireShark, and a general understanding of networking protocols similar to COMPTIA Network+