1 Response Analyst Job in Honolulu, HI

Alakaina Family of Companies
Honolulu, HI | Full Time
$90k-115k (estimate)
2 Weeks Ago
Alakaina Family of Companies is Hiring a Response Analyst Near Honolulu, HI

The Alaka`ina Foundation Family of Companies (FOCs) has a need for a Response Analyst to support our government customer located in Honolulu, HI.

DESCRIPTION OF RESPONSIBILITIES:

  • Provide cyber threat awareness reports on network threats/trends to the theater.
  • Produce informational reports for theater stakeholders to address evolving cyber threats/trends to increase situational awareness and affect positive changes to the defensive posture of the networks.
  • To maximize awareness of potential impacts to commanders and other stakeholders, reports shall be disseminated weekly, or as needed depending on the criticality of the event.
  • Perform analysis of specific information assurance vulnerability alert (IAVA) and common vulnerability and exposures (CVE) vulnerabilities and provide a detailed risk assessment and recommended mitigation actions to the Cyber Security Service Provider (CSSP) customer.
  • Provide risk assessments with recommended mitigation strategies.
  • Provide data analysis as identified by the COR. This requirement shall include, at a minimum, trend analysis evaluating activity on the army networks to identify systemic or potential issues and include metrics and recommendations to enable development and deployment of response actions.
  • Develop, staff, coordinate and execute cyber-incident response investigations for the operational environment (unclassified and classified). Investigations shall address each pre-determined category of cyber incident (IAW CJCSM 6510.01B) detected (internally or externally reported); address priorities and types of internal defensive measures and potential mitigation strategies to be employed.
  • Validate security event information for each cyber incident ticket which includes at a minimum event name, date, time, location, source IP address, destination IP address, source ports, and destination ports.
  • Develop and distribute content provided by security platform vendors at least weekly and as needed.
  • Develop and distribute in-house content based on tippers from higher organizations and the CSSP team.
  • Analyze, correlate, and trend anomalous cyber events and incidents: analyze and correlate anomalous events identified in SIEM systems, big data analytics, and supporting devices/applications. The customer ingests feeds from different connectors including, but not limited to, IPS sensors, IDS sensors, web proxies, routers, ePO servers, server system logs, Active Directory, DNS, etc.
  • Conduct open-source research to identify commercial exploits or vulnerabilities (i.e., zero-day) requiring DCO actions.
  • Monitor current army detection capabilities (army endpoint security service (AESS), IDS/IPS, etc.) for new or potential threat activity.
  • Conduct exploratory and in-depth analysis of network traffic from security devices, analysis of host-based audit logs, malware analysis, trending of cyber incident reports, correlation of classified and open-source threat reporting, and linkages/integration with other agencies.
  • Document the analysis, findings, and process to capture/identify threat, including any identified advanced persistent threat that is currently not being detected through traditional means, the process and/or tools used to capture/identify threat, and a recommended repeatable process to facilitate further triage efforts and situational awareness of the CSSP analysts.
  • Other duties as assigned.

REQUIRED DEGREE/EDUCATION/CERTIFICATION:

  • A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science
  • Must meet at least one of the following baseline certifications in lieu of education: CySA+, CFR, GCFA, GCIA, GDSA, GCIH, GICSP, or CCE
  • Must meet designated Computing Environment (CE) certifications within 6 months of hire.

REQUIRED SKILLS AND EXPERIENCE:

  • Knowledge and experience with disaster recovery continuity of operations plans.
  • Knowledge of how network services and protocols interact to provide network communications.
  • Knowledge of incident categories, incident responses, and timelines for responses.
  • Able to recognize and categorize types of vulnerabilities and associated attacks, perform damage assessments, and preserve evidence integrity according to standard operating procedures.
  • Optimize and automate various tasks via scripting languages: (PowerShell/Bash/Python, etc.)
  • Developing atomic, statistical, and behavioral rules within SIEM(s): (Splunk/Elastic/Trellix, etc.)
  • Analysis of network alerting within IDS/IPS(s): (Cisco Secure Firewall/Trellix/Security Onion, Snort/Suricata, etc.)
  • NIDS rule creation and tuning: (Snort/Suricata, etc.)
  • Perform PCAP Analysis and associated tools: (TCPDump/Snort/Suricata, Wireshark/NetworkMiner, etc.)
  • Understand logging outputs of Network Security Monitors: (Zeek/Suricata, etc.)
  • Utilize Digital Forensic solutions for Hard Drive Imaging analysis: (EnCase, FTK Imager, etc.)
  • Perform Host analysis HID/HIP and other Host solutions: (Trellix HBSS/ePO, Tychon/Tanium, etc.)
  • Must meet DoD 8140 Cyber Defense Incident Responder (531)

REQUIRED CITIZENSHIP AND CLEARANCE:

  • Must be a U.S. Citizen.
  • Must have a TOP SECRET/SCI clearance OR a SECRET clearance with the ability to upgrade.

The Alaka`ina Foundation Family of Companies (FOCs) is a fast-growing government service provider. Employees enjoy competitive salaries. Eligible full-time employees enjoy a 401K plan with company match; medical, dental, disability, and life insurance coverage; tuition reimbursement; paid time off; and 11 paid holidays.

We are an Equal Opportunity/Affirmative Action Employer. We are proud to state that we do not discriminate in employment decisions on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. If you are a person with a disability and you need an accommodation during the application process, please click here to request accommodation. We E-Verify all employees.

The Alaka`ina Foundation Family of Companies (FOCs) is comprised of industry-recognized government service firms designated as Native Hawaiian Organization (NHO)-owned and 8(a) certified businesses. The Family of Companies (FOCs) includes Ke`aki Technologies, Laulima Government Solutions, Kūpono Government Services, Kāpili Services, Po`okela Solutions, Kīkaha Solutions, LLC, and Pololei Solutions, LLC. Alaka`ina Foundation activities principally benefit the youth of Hawaii through charitable efforts, which include providing innovative educational programs that combine leadership, science & technology, and environmental stewardship.

For additional information, please visit www.alakainafoundation.com

Job Summary

JOB TYPE

Full Time

SALARY

$90k-115k (estimate)

POST DATE

04/11/2024

EXPIRATION DATE

06/10/2024
