Bowhead Holding Company
CYBER SECURITY ANALYST – THREAT EMULATION (JBSA-21-0344-W)

Bowhead seeks a Cyber Security Analyst – Threat Emulation to support the AFCERT DCO HAC contract in San Antonio, TX. The ability of the AFCERT to complete its mission is dependent upon the ability to develop methods to identify, contain, log and analyze security vulnerabilities/holes on Air Force systems. CTEA analyst contractor employees may be required to provide 24-hour coverage (work) for seven (7) days a week, 365 days a year with zero tolerance for error.

• Conduct both automated and manual enterprise vulnerability assessments, including conducting regular patch configuration vulnerability assessments as directed by operational flight leads.
• Conduct Cyber Threat Emulation operations, and coordinate with security teams to strengthen the overall security posture of the AFNet and AFIN various tools and capabilities.
• Test for real-time security vulnerabilities, conduct assessments, and assess vulnerability risk and impact.
• Continuously develop and maintain safe and valid procedures to actively test Enterprise defensive measures.
• Develop mitigations, policies, and procedures to coordinate with internal teams.
• Work with incident response team to develop response policies and procedures.
• Generate threat intelligence indicators during the course of Cyber Threat Emulation operations and provide reports back to operators.
• Coordinate with internal and external intelligence teams in order to replicate threat actor (TA) Techniques, Tactics, and Procedures (TTPs).
• Research/Evaluate threats and vulnerabilities to assist in the prioritization of remediation actions.
• Utilize knowledge and understanding of the Cyber Threat Framework (ODNI) and production of Threat Emulation findings.
• Utilize the MITRE ATT&CK framework to perform cyber security operations testing, and develop improvements based upon adversary behavior.
• Formulate, lead and persuade individuals, large teams and communities on ideas, concepts, and opportunities.
• Leverage research, frameworks, and best practices on the latest exploits and security trends and currency on industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.
• Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
• Create, document, and report metrics for analysis to improve weapon system processes and mission execution.
• Provide information to operational leadership's tasking as required as it relates to CTE actions.

Bowhead seeks to network with qualified individuals relative to a potential opportunity, which is contingent upon award and not currently funded. Please click the link at the bottom of this posting to apply for consideration. Incumbent employees are encouraged to respond. No solicitations or third party applications will be accepted.

Requirements

• Five (5) years of penetration testing experience.
• Demonstrated advanced knowledge of cyber security operations with mastery of two or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation.
• Experience with PowerShell, BASH or Python scripting/programming language.
• Must have a strong understanding of Linux Operating System.
• Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects)
• BA/BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering or related degree preferred
• Demonstrates in-depth knowledge and understanding of the Computer Forensics Analyst activities required to meet mission requirements
• Must be able to travel on short notice

Certification Requirements

• IAT Level III CND compliance.
• GDAT and OSCP or GPEN.

SECURITY CLEARANCE REQUIREMENTS

Must currently hold a security clearance at the Top Secret/SCI level. US Citizenship is a requirement for Top Secret clearance at this location.

Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC’s Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant’s resume/application may be subject to verification.

Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver's license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes.

UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/AA/M/F/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act.

All candidates must apply online at www.uicalaska.com, and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance (https://uicalaska.com/careers/recruitment).

UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar corporation recognized as one of the top 25 8(a) companies for government contracting. Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs.

Link to Apply: https://rn21.ultipro.com/UKP1001/JobBoard/JobDetails.aspx?__ID=*48CE8CB998A2755D

UIC and its Family of Companies is an equal opportunity employer.
We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/AA/M/F/D/V. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. Please view Equal Employment Opportunity Posters provided by OFCCP here.

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)