Mid-Level Cyber Threat Emulation Analyst

Mid-Level Cyber Threat Emulation Analyst
Cyber Security 4
Redstone Arsenal
Huntsville, AL

HX5 is an award-winning provider of engineering, research and development, and technical services to clients such as NASA and the Department of Defense. Founded in 2004, HX5 is a fast-growing veteran- and woman-owned company with locations nationwide.

HX5 is currently seeking a skilled and motivated Mid-Level Cyber Threat Emulation Analyst to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract.

Essential Duties and Responsibilities:

• Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM).
• Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture.
• Analyze correlated assets, threat, and vulnerability data against known adversary exploits and techniques to determine
  impact and improve network defensive posture.
• Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation.
• Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
• Generate vulnerability assessment reports for customers and escalate for further review.
• Support Incident Response across the enterprise IAW DoD regulations and instructions.
• Lead cyber events and incident investigations from start to conclusion, to include gathering data, analysis, and reporting.
• Assist in developing an Exploitation Analyst training plan by instructing, evaluating, and mentoring junior, mid, and senior analysts.
• Receive, review, and implement directed Higher Headquarters Tasking Orders (HHQ) and/or Fragmentary Orders
  weekly.
• Perform Cyber Threat Emulation (CTE) actions with Automated Security Validation toolset as directed by HHQ
• Execute CTE actions within the approved network zones with the specific adversary tactics, techniques, and procedures (TTPs) documented in each engagement to assess toolset detection and alerting.
• Create custom dashboards and reports to communicate post engagement analysis of each CTE engagement, including identified vulnerabilities, recommended remediation steps, assessment of the system's security posture, and incident response to government within a specified amount of time after completion of engagement.
• Draft and submit Cyber Tasking Orders (CTOs) to remediate issues found in report finding during CTE actions.
• Collaborate with the Cyberspace Domain Awareness (CDA) to develop evaluation criteria and methodologies aligned with HHQ inspection requirements and industry best practices.

Education and Experience:

• Must have 6, or more, years of general (full-time) work experience
• Must have 4 years of combined experience with:
• Performing manual or automated penetration test in an enterprise environment
• Practical experience with vulnerability assessment, cybersecurity frameworks, or conducting risk assessments
• Experience performing the full life cycle of incident response and enterprise-level monitoring
• Must have 1 year experience in management or leadership in a team environment
• Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CySA+, GICSP, GSEC,
  Security+ CE, SSCP)
• Must have, or obtain within 6 months of start date, a PenTest+ certification
• Must have an active DoD Secret Security Clearance

Desired Requirements:

• Have a Bachelor's degree, or higher, in Cybersecurity, Computer Science or related field
• Have experience with Cyber Threat Emulation tools, policies, and procedures
• Have experience operating custom software on top of a Linux platform
• Have experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network
  Devices, and Operating Systems (e.g., Windows, and Linux)
• Have experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion
  Detection Systems / Intrusion Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc.
• Have experience performing security compliance scans across a WAN (ACAS/Nessus preferred)
• Have a background in configuration, troubleshooting, and deployment of host-based security (ESS preferred)
• Be able to mentor and train personnel in an evolving, high-paced environment
• Be familiar with DoD Security Operations Centers (SOC) (aka CSSP)
• Be familiar with DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures
• Have an active DoD Top Secret clearance

Position Type/Expected Hours of Work:

This is a full-time position requiring 40 hours per week and offers a flexible work schedule Monday through Friday during core business hours.

Other Position Requirements:

• Proof of U.S. Citizenship or US Permanent Residency is a requirement for this position.
• Must be able to complete a U.S. government background investigation.
• Must be able to obtain a Secret clearance.
• Must be able to travel, including air travel.
• Must have a valid Drivers License.

HX5 offers a competitive salary and benefits package to include:

• Medical/Dental/Vision Insurance
• 401(k) plan with Company Match
• Paid Holidays
• Paid Time Off
• Parental Leave
• Life Insurance
• Tuition Reimbursement
• Medical and Dependent Care Flexible Spending Accounts
• Pet Insurance

HX5, LLC is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, age, national origin, ancestry, citizenship, disability, or veteran status.

HX5, LLC is a Drug Free Workplace Employer.

ACCESSIBILITY NOTICE:
If you need a reasonable accommodation for any part of the employment process due to a physical or mental disability, pleasecall (850) 362-6551.

CJ