DCO Analyst with Security Clearance

Responsibilities

• Perform Security Analysis functions supporting 24/7/365 CSSP operations.
• Monitor, detect, analyze, and respond to cyber threats targeting the DoD Information Network (DoDIN).
• Analyze results of signature detection, anomaly detection, and data visualization-based methods to discover, document, and report malicious and anomalous activity.
• Develop, implement, and maintain methods of detecting malicious and anomalous activity utilizing COTS, GOTS, and open-source tools.
• Analyze Government Furnished Data (GFD) to discover and document reconnaissance efforts, exploitation attempts, post-exploitation events, and actions on objectives.
• Track incident and event reporting to ensure fully effective mitigation and remediation actions.
• Utilize the MITRE ATT&CK Framework to develop, implement, and maintain threat models containing TTPs associated with threats to the DoDIN.
• Monitor DCSB and subscriber environments for technical indicators of insider threat activity.
• Support monthly recurrent briefings providing summative reports of vulnerability data, compliance data, threat data, incident reporting data, and alerting data.
• Conduct cyber attack response and recovery in accordance with DoD and Government instructions.
• Perform continuous monitoring of network traffic on NIPRNet, SIPRNet, DREN, and cloud environments.
• Develop and maintain detection signatures, rules, and alerts for security monitoring platforms.
• Coordinate with external threat intelligence sources and DoD cyber defense organizations.
• Document findings, analysis results, and recommended actions in accordance with CSSP reporting requirements.
• Support vulnerability scanning operations using ACAS/Tenable and endpoint security solutions (ESS/HBSS).
• Participate in incident response activities and forensic analysis as required.

Qualifications

• An AA or Bachelor's Degree in a related technical field is required, however, can be replaced with 3 years of relevant industry experience (in addition to the minimum years of experience requirement).
• Minimum three (3) years of experience in cybersecurity analysis, threat detection, or related field.
• Experience with intrusion detection systems (IDS/IPS) and Security Information and Event Management (SIEM) platforms (e.g., Elasticsearch, Splunk).
• Knowledge of common attack vectors, malware analysis, and threat intelligence methodologies.
• Proficiency with vulnerability scanning tools (ACAS/Tenable) and endpoint security solutions (ESS/HBSS).
• Experience analyzing network traffic and security events on classified and unclassified networks.
• Familiarity with the MITRE ATT&CK Framework and cyber threat intelligence practices.
• Knowledge of TCP/IP protocols, network architecture, and common network services.
• Experience with log analysis, packet capture analysis, and security event correlation.
• ITIL Foundations certification required within three (3) months of start date.
• Certifications:
  • IAT
  • I CompTIA Security +CE, A+, CySA+, SSCP, CCNA - Security, GICSP, GSEC
• Clearance:
  • TS/SCI Clearance required.

Location

• Adelphi, MD

Compensation

• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits

• Health insurance
• Dental insurance
• Vision insurance
• 401(k) match
• Paid Time Off
• Short-term disability insurance
• Long-term disability insurance
• Life insurance
• Referral Bonuses
• Professional development reimbursement
• Parental leave

About Tyto Athene

Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core…