Cyber Defense Analyst
Job Description
Location: Oak Ridge, TN, On & Off-Site (hybrid/telework) - Onsite once per quarter
Clearance Required: DOE Q or DoD TS.
Job Description: (Levels 4-6)
- Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

Knowledge, Skillset, and Abilities (KSAs):
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources; develop content for cyber defense tools
- Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack; perform cyber defense trend analysis and reporting
- Provide daily summary reports of network events and activity relevant to cyber defense practices
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
- Use cyber defense tools for continual monitoring and analysis of system activity to identify potential malicious activity
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information
- Identify applications and operating systems of a network device based on network traffic
- Reconstruct a malicious attack or an activity utilizing network traffic
Education: Technical Field Experience weighted greater than minimum education.
Level 4: PhD in a technical field with limited experience or Master's degree in a technical field and 2 to 5 years of related experience; or Bachelor's degree in a technical field and 5 to 10 years of related experience; or Associate's degree in a technical field and 10 to 15 years of related experience. Requires demonstrated in-depth knowledge and skills in a technical specialty.
Level 5: PhD in a technical field and 2 to 5 years of related experience or Master's degree in a technical field and 5 to 10 years of related experience; or Bachelor's degree in a technical field and 10 to 15 years of related experience; or Associate's degree in a technical field and 15 to 20 years of related experience. Requires demonstrated in-depth knowledge and skills in a technical specialty. Recognized as an expert in their field.
Level 6: PhD in a technical field and 5 or more years of related experience or Master's degree in a technical field and 10 or more years of related experience; or Bachelor's degree in a technical field and 15 or more years of related experience; or Associate's degree in a technical field and 20 or more years of related experience. Requires demonstrated in-depth knowledge and skills in a technical specialty. This level is recognized as an expert in their field.