Full job description
The Cyber Defense Analyst II implements and maintains security monitoring and detection systems. Incorporates advanced technology and advises on the operational direction of security controls implementation. Serves as an information security subject matter expert, providing expertise from a technical and operational perspective in support of policy and standards, applicable federal regulations, and other binding standards. Consistently incorporates a multidisciplinary, cross-functional approach to enhance technical outcomes for assigned applications. Recognizes the contributions of all team members and implements all work with an interdisciplinary approach. Requires a well-rounded set of experience within IT compliance, conducting audits and reporting/remediating findings. Must be a team player with strong leadership, interpersonal, verbal and written communication skills. Manages complex Information Systems projects/products in order to provide automated solutions that meet business needs. Maintains system applications and facilitates updates, new releases and system enhancements related to security build, deployment, and optimization of cross-functional system applications. Responsible for maintaining and supporting Information Security in the areas of audit, IT change management control, management of protected health information, segregation of duties, and provisioning and deprovisioning of users. Leads efforts to improve outcomes through education and implementation of research-based processes. Communicates project and team status to internal and external audiences including the operations teams, steering committees, executive sponsors, and project principals as required.
Job Responsibilities
- Triage and correlate security events and offenses upon receipt across cybersecurity operations platforms.
- Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
- Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization).
- Escalate security events to security incidents based on established criteria.
- Coordinate incident response functions.
- Specializes in one or more of Incident Response, Threat Modeling, Vulnerability Management, Forensic Collection and Examination, Cyber Investigation, Cyber Intelligence Fusion, or another cyber discipline:
  - Incident Response – Handles incidents from declaration to closure. Produces operational and analytic reports for compliance and executive audiences. Directs action in coordination with leadership and emergency management to protect Inova resources.
  - Threat Modeling – Develops threat overlays, identifies gaps and areas of interest, and develops additional detective and/or preventive measures to address material weaknesses in cyber defenses.
  - Vulnerability Management – Identifies system and technology vulnerabilities, develops and manages remediation campaigns, recommends improvements in operational and defensive programs, and produces operational and analytic reports.
  - Forensic Collection and Examination – Collects evidence and artifacts to support law enforcement and/or cyber intelligence needs, analyzes systems, devices, software, and hardware for cyber threat activity, recommends actions to prevent recurrence, and produces analytic reports in support of cyber investigations and incident response.
  - Cyber Intelligence Fusion – Curates information and sources, develops priority intelligence requirements, issues specific directives for production of information holding intelligence value, fuses data and information into cyber intelligence, maintains awareness of threat actors and their methods, and produces tactical, operational, and strategic analysis and reports.
- Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
- Track and document cyber defense incidents from initial detection through final resolution.
- Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.
- Coordinate with intelligence analysts to correlate threat assessment data.
- Write and publish after action reviews.
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
- Read, interpret, write, modify, and execute simple scripts (e.g., Perl, VBScript) on Windows and UNIX systems (e.g., scripts that parse large data files, automate manual tasks, and fetch/process remote data).
- Analyze and report organizational security posture trends.
- Analyze and report system security posture trends.
- Maintain current threat knowledge, including actors, tactics, techniques, and procedures.
- Provide subject matter expertise to the development of a common operational picture.
- Provide subject matter expertise to the development of cyber operations specific indicators.
- Assist in the coordination, validation, and management of all-source collection requirements, plans, and/or activities.
- Assist in the identification of intelligence collection shortfalls.
- Maintain framework knowledge, such as NIST CSF and MITRE ATT&CK, and apply to daily activities.
Requirements
Education
Minimum of a Bachelor's degree in Computer Science or a related field, OR an equivalent combination of education and experience.
Experience
5 years in Cybersecurity / Information Security, or in system or network administration.
Certification
Desired but not required: CISSP and any one vendor-agnostic certification in Cybersecurity, Cyber Offense, Threat Modeling, Incident Response, Cyber Investigations, Computer or Network Forensics, or Cyber Intelligence.
Inova is Northern Virginia’s leading nonprofit healthcare provider. Our mission is to provide world-class healthcare – every time, every touch – to each person in every community we have the privilege to serve. Inova’s 18,000 team members serve more than 2 million individuals annually through an integrated network of hospitals, primary and specialty care practices, emergency and urgent care centers, outpatient services and destination institutes.
Full Time