Cyber Intel Analyst- Computer Incident Response Team Job in Not Specified, Colorado US
Specific Job Description

This Lockheed Martin Enterprise Business Services (EBS) Cyber Intel Analyst plays a crucial role supporting the Lockheed Martin Computer Incident Response Team (LM-CIRT) Attack Analysis team within Corporate Information Security. The position resides at the Security Intelligence Center (SIC) at the Denver Data Center, Denver, CO. **Further leveraging the skills obtained within the SIC, employees in this position may be asked to rotate onto ISGS programs requiring individuals with intelligence-based network defense experience.**

This position's responsibilities include, but are not limited to: incident handling (guiding customers and directing resources throughout the intelligence-based response processes), forensic analysis (analysis of compromised machines), monitoring the environment in real time, developing thorough incident reports, delivering threat awareness/education briefings and documentation, and other technical writing assignments. This role is also responsible for leveraging security data from internal sensors (IDS, routers, SIMS, firewalls, hosts) and external sources (industry portals, the DoD, US-CERT, partners, etc.) in an effort to implement effective mitigations, and for reviewing security logs for signs of attacks. The position is responsible for researching and maintaining proficiency in tools, techniques, countermeasures, and basic trends in computer and network vulnerabilities and exploits. The analyst will be required to successfully participate in production of cohesive technical intelligence reports, and maintaining a DoD clearance is essential.

Standard Job Description

Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks. Supports cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Coordinates resources during enterprise incident response efforts, driving incidents to timely and complete resolution.
Employs advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis. Supports internal HR/Legal/Ethics investigations as forensic subject matter expert. Performs network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks. Reviews threat data from various sources and develops custom signatures for Open Source IDS or other custom detection capabilities. Correlates actionable security events from various sources including Security Information Management System (SIMS) data and develops unique and effective correlation techniques. Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats. Develops analytical products fusing enterprise and all-source intelligence. May conduct malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols. Interfaces with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense. Further leveraging the skills obtained within the Security Intelligence Center, candidates accepting this position may be asked to rotate onto ISGS programs requiring individuals with intelligence-based network defense experience.