Job details
Salary: $83,100 - $142,000 a year. Job type: full-time.
Full job description
Your life's mission: possible
You have goals, dreams, hobbies and things you’re passionate about.
What’s important to you is important to us
We're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them: friends, family and passions. And we're looking for team members who are passionate about our mission of making a difference in military members' and their families' lives. Together, we can make it happen.
Don’t take our word for it.
Military Times 2021 Best for Vets Employers
WayUp Top 100 Internship Programs
Forbes® 2021 The Best Employers for New Grads
Forbes® America's Best Employers
Newsweek Top 100 Most Loved Workplaces
2021 People Companies That Care
Fortune Best Workplaces for Women
Fortune 100 Best Companies to Work For®
Fortune Best Workplaces for Millennials
Computerworld® Best Places to Work in IT
Basic purpose
To provide third-tier, intermediate-level cybersecurity event detection and threat analysis for complex events in cloud and hybrid environments. To lead the analysis of cyber event data and other sources for indicators of cyber threat/attack and potential network compromise. Collaborate in complex, sensitive incident response activities, applying knowledge of computer and network architecture to provide analysis during investigations and identifying adversarial activity and methods for future detection and prevention. Serve as subject matter expert within information security to identify threats within the Navy Federal environment through real-time analysis of logs and alerts.
Responsibilities
Develop content for cyber defensive tools.
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
Coordinate with enterprise-wide cyber defense staff to validate network alerts.
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
Perform security reviews and identify security gaps in hybrid security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
Examine network topologies to understand data flows through the network.
Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of the cyber defense threat condition and determine which security issues may have an impact on the enterprise.
Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
Work with stakeholders to resolve computer security incidents and vulnerability compliance.
Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
Perform cyber defense trend analysis and reporting.
Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support incident response teams (IRTs).
Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness).
Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
Perform advanced security event detection and threat analysis for complex and/or escalated security events.
Perform advanced intelligence analysis using analytical tradecraft methods and forensic tools.
Provide log/network/malware/device analysis; make recommendations for remediation of security vulnerability conditions.
Provide independent critical thinking to diagnose and analyze threat intelligence data, and make decisions on the most effective response and remediation.
Leverage open source research, network and host forensic analysis, log review and correlation to support investigations.
Perform other duties as assigned
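The event correlation and multi-source log analysis duties listed above (firewall, IDS and host logs correlated to triage scope, timeline and targets) are the core of the role. The following is an added illustration written for this page, not code from Navy Federal or the posting: it parses a few constructed log lines in assumed formats, groups them by source IP, keeps only IPs that appear in at least two distinct log sources inside a time window, and emits a triage summary. IP addresses are from documentation ranges and the log formats are invented for the example.

```python
"""Cross-source event correlation over constructed firewall, IDS and host logs.

Added example for illustration only; log formats, device names and IPs are
assumptions, not real Navy Federal data or tooling.
"""
import re
from datetime import datetime, timedelta, timezone

# Constructed sample log lines (not real data). 203.0.113.45 appears in all
# three sources within a few minutes; the other IPs appear in one source only.
FIREWALL_LOGS = [
    "2024-03-04T10:01:12Z fw01 DENY src=203.0.113.45 dst=10.0.5.20 dport=445 proto=tcp",
    "2024-03-04T10:01:40Z fw01 DENY src=198.51.100.7 dst=10.0.5.21 dport=3389 proto=tcp",
    "2024-03-04T10:02:05Z fw01 ALLOW src=203.0.113.45 dst=10.0.5.20 dport=22 proto=tcp",
]
IDS_LOGS = [
    '2024-03-04T10:02:30Z ids01 ALERT sid=2024001 msg="ET SCAN SMB probe" src=203.0.113.45 dst=10.0.5.20',
    '2024-03-04T10:30:00Z ids01 ALERT sid=2024002 msg="ET POLICY TLS cert" src=192.0.2.8 dst=10.0.5.30',
]
HOST_LOGS = [
    "2024-03-04T10:03:05Z web01 sshd[2210]: Failed password for root from 203.0.113.45 port 51512 ssh2",
    "2024-03-04T10:03:07Z web01 sshd[2210]: Failed password for root from 203.0.113.45 port 51514 ssh2",
    "2024-03-04T11:15:00Z web02 sshd[3300]: Failed password for admin from 10.0.9.9 port 40000 ssh2",
]

# Assumed line formats for each source (hypothetical, matching the samples above).
TS_RE = r"(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\dZ)"
FW_RE = re.compile(TS_RE + r" (?P<dev>\S+) (?P<action>ALLOW|DENY) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")
IDS_RE = re.compile(TS_RE + r' (?P<dev>\S+) ALERT sid=(?P<sid>\d+) msg="(?P<msg>[^"]*)" src=(?P<src>\S+) dst=(?P<dst>\S+)')
HOST_RE = re.compile(TS_RE + r" (?P<dev>\S+) sshd\[\d+\]: Failed password for (?P<user>\S+) from (?P<src>\S+) port \d+")


def _ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parse_logs(lines, pattern, source, detail):
    """Normalise raw lines into events: ts, src IP, target, source name, detail.

    Lines that do not match the expected format are skipped rather than guessed at,
    so a malformed line cannot create or suppress a correlation.
    """
    events = []
    for line in lines:
        m = pattern.match(line)
        if not m:
            continue
        d = m.groupdict()
        events.append({
            "ts": _ts(d["ts"]),
            "src": d["src"],
            "dst": d.get("dst", d["dev"]),  # host logs: the target is the host itself
            "source": source,
            "detail": detail(d),
        })
    return events


def correlate(events, window=timedelta(minutes=10), min_sources=2):
    """Group events by source IP and keep IPs that appear in >= min_sources
    distinct log sources within `window`. Returns {src: events sorted by time}."""
    by_src = {}
    for e in events:
        by_src.setdefault(e["src"], []).append(e)
    hits = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        keep = set()
        for i, first in enumerate(evs):
            idx = [j for j in range(i, len(evs)) if evs[j]["ts"] - first["ts"] <= window]
            if len({evs[j]["source"] for j in idx}) >= min_sources:
                keep.update(idx)
        if keep:
            hits[src] = [evs[j] for j in sorted(keep)]
    return hits


def triage(hits):
    """Summarise each correlated cluster: corroborating sources, scope (targets touched),
    and timeline, which is what an analyst needs to judge urgency and impact."""
    return [
        {
            "src": src,
            "sources": sorted({e["source"] for e in evs}),
            "targets": sorted({e["dst"] for e in evs}),
            "first_seen": evs[0]["ts"].isoformat(),
            "last_seen": evs[-1]["ts"].isoformat(),
            "events": len(evs),
        }
        for src, evs in hits.items()
    ]


def run(window_seconds=600):
    """Parse the constructed logs, correlate, and return the triage summary."""
    events = (
        parse_logs(FIREWALL_LOGS, FW_RE, "firewall", lambda d: f"{d['action']} dport={d['dport']}")
        + parse_logs(IDS_LOGS, IDS_RE, "ids", lambda d: f"sid={d['sid']} {d['msg']}")
        + parse_logs(HOST_LOGS, HOST_RE, "host", lambda d: f"ssh auth failure user={d['user']}")
    )
    return triage(correlate(events, window=timedelta(seconds=window_seconds)))


if __name__ == "__main__":
    for cluster in run():
        print(cluster)
```

With the default ten-minute window only 203.0.113.45 survives, corroborated by all three sources against 10.0.5.20 and web01; the single-source IPs are dropped as uncorroborated noise. Shrinking the window to 30 seconds keeps just the firewall ALLOW and the IDS alert for that IP, which shows why the window is a tuning decision, not a constant: too tight and a slow scan-then-brute-force chain falls apart, too wide and unrelated activity from a shared egress IP is stitched together.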
Qualifications
Intermediate skill monitoring and analyzing logs and alerts from a variety of different technologies, including IDS/IPS, firewalls, proxies, and anti-virus across multiple platforms.
Intermediate skill to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats.
Intermediate skill in cloud security event detection, threat analysis of complex events, and content management.
Effective skill to leverage online research tools to identify and navigate online forums, specialized web sites, social media, and traditional sources.
Experience in coordinating and responding to events on all of the monitored networks and the systems on those networks.
Experience in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources to document results, analyze findings and provide business unit intelligence.
Experience in incident response in hybrid models.
Intermediate experience in analyzing and correlating log events for cloud technologies during complex investigations and to develop detections.
Experience in analyzing security systems, and how changes in conditions, operations, or the environment will affect these outcomes.
Experience in applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Intermediate knowledge of security architectures, devices, proxies, and firewalls.
Intermediate knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, procedural language/structured query language [PL/SQL] injection, race conditions, covert channels, replay, return-oriented attacks, malicious code).
Outstanding verbal and written communication skills for reporting complex technical situations to various audiences, including executive leadership and nontechnical staff.
Intermediate research, analytical, and problem-solving skills.
Intermediate skill presenting findings, conclusions, alternatives and information clearly and concisely.
Intermediate skill working with all levels of management, supervisors, stakeholders and vendors.
Required: experience with security tools related to enterprise log management, IDP/IDS, antivirus, firewalls, proxies, DLP, forensic analysis, malware analysis and SIEM.
Required: experience in cybersecurity analysis, incident response, or a related field with increasing responsibility.
Desired: intermediate skill in analyzing log events for cloud technologies to facilitate development of cyber defense detections.
Desired: AZ-900, AZ-140, AZ-500 or other related cloud security certifications.
Desired: CySA+, CASP+, CISSP or other related information security certifications.
Desired: Bachelor's degree in cybersecurity or a related discipline.
Desired: intermediate skill in identifying gaps in technical capabilities.
Desired: intermediate knowledge of IT security standards and frameworks (e.g., MITRE ATT&CK).
Desired: experience creating correlation content in a SIEM tool.
Hours: Monday - Friday, 8:00am - 4:30pm (shift work required; evenings and/or weekends required; holidays required)
Location: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Dr, Pensacola, FL 32526 | Remote
Navy Federal is now hybrid! Our standard enterprise requirement for a hybrid schedule is to report onsite 4-16 days each month. The number of days reporting onsite will ultimately be determined by the employee's leadership and business unit needs. You will learn more throughout the hiring and onboarding process.
Salary: Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.
Salary range: $83,100 to $142,000
Equal employment opportunity
Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability
COVID-19 vaccine information
As a COVID-19 safety measure, our employees must either provide proof of COVID-19 vaccination or follow additional safety protocols, including testing.
Disclaimer
Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.
Bank Secrecy Act
Remain cognizant of and adhere to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.
Employee referrals
This position is eligible for the TalentQuest employee referral program. If an employee referred you for this job, please apply using the system-generated link that was sent to you.
Job activity
Posted 30+ days ago