Cyber Operations Analyst Job Description
Cyber Operations Analyst Duties & Responsibilities
To write an effective cyber operations analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber operations analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Cyber Operations Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cyber Operations Analyst
List any licenses or certifications required by the position: CISSP, SANS, GIAC, CEH, IAT, GCIA, III, II, IAM, CISA
Education for Cyber Operations Analyst
Typically a job would require a certain level of education.
Employers hiring for the cyber operations analyst job most commonly prefer their future employee to have a relevant degree, such as a Bachelor's or Master's Degree in Computer Science, Education, Technical, Engineering, Cyber Security, Information Technology, Science, Information Security, Technology, Computer
Skills for Cyber Operations Analyst
Desired skills for cyber operations analyst include:
Desired experience for cyber operations analyst includes:
Cyber Operations Analyst Examples
Cyber Operations Analyst Job Description
- Provide intelligence support for intelligence and command training
- Build and maintain continuity books, standard operating procedures (SOP), spreadsheets and visualization charts, such as Analyst Notebook, to ensure all research and background knowledge is captured and documented
- Participate in meetings, briefings, conferences and symposiums as directed
- Clearly and effectively communicate through written and verbal communications with senior government personnel ranging from intelligence analysts, planners and operators to senior decision-makers
- Work as part of a 24/7/365 team delivering real-time proactive monitoring and maintenance of supported security tools and their associated rules and signatures
- Analyze and respond to security events from firewalls, IDS, IPS, SIEM, Web Application Firewall (WAF) and other security data sources within documented SLA
- Conduct log and system analysis across various system, network and security device capabilities, including next-generation firewalls, WAFs, database monitoring solutions, identity management solutions, virtualized platforms, and Linux/Unix and Windows operating systems
- Provide intrusion detection monitoring and incident management, to include installation, configuration, operation, and system administration of the GFE intrusion detection monitoring and incident management tool suite on-site 24x7 at Scott AFB
- Provide on-site support at locations other than Scott AFB on an as-needed basis, as directed by the government
- Use intrusion detection monitoring and incident management tool suite consisting of network and host based sensors, log consolidation mechanisms, analysis platforms and other products that may be directed or procured
- Candidate must hold and be able to maintain a SECRET clearance
- Ability to read and understand alerts from various security devices (including SourceFire, BlueCoat, Symantec)
- Bachelor's degree in engineering, physics, mathematics, or related field preferred
- Six or more years of experience in systems or military operations research
- Experience working with product and operations domains under analysis
- Experience working with applied statistics
Cyber Operations Analyst Job Description
- Respond and manage security events
- Responsible for modeling complex problems and delivering business-focused analysis, reporting and recommendations
- Integrate and prepare large, varied datasets from which to extract meaningful insights
- Design/build specialized database and computing environments
- Work closely with data custodians, project/program managers and other IT teams to turn data into crucial insights and knowledge that can be utilized to make informed organizational decisions
- Analyze event/alert patterns to properly interpret and prioritize threats with available DLP tools and other data protection devices
- Recommend enhancements to monitoring systems used to detect and report security violations
- Assist in first-response support to correct improperly implemented rules and alerts and to incorporate emerging threat intelligence
- Triage advanced vector attacks such as botnets and advanced persistent threats (APTs)
- Recommend tuning of IDS, proxy policy, in-line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits of downstream systems
- Volume events
- Bachelor’s degree in Computer Science, Information Technology, Information Assurance, or related field
- Requires shift work in a 7x24 Cyber Security Operations Center and availability for on-call rotation as needed
- Prior work experience serving CIOs, CROs, and CISOs as a cyber security advisor
- Minimum of 3+ years of experience in operational cyber security, with a demonstrated passion for the topic
- Shift work in a 7x24 Operations Center
Cyber Operations Analyst Job Description
- Assist in the development of use cases to fill gaps identified using a number of security tools
- Work closely with the Application Security Team and observe security penetration testing efforts to identify opportunities to improve security processes and recommend changes as needed
- Be able to communicate findings or new rule logic at a technical and logical level to teams and leadership
- Have the ability to communicate clearly, confidently, and professionally
- Monitor and manage communications between the technology teams at JPMC, the CAT team and vendors
- Build partnerships and interact with third party vendors and other stakeholders
- Manage the test schedule using Access databases, PEGA and SharePoint
- Assist with providing ad-hoc analysis and reports on test results utilizing Excel and other MS products
- Support the DAST Team through test approvals and responding to line of business requests
- Lead analysis and triage activities
- Must be able to work any shift, including nights, weekends and overnights
- Perform analysis on data collected from modeling, simulation and/or test events focused on the Army's tactical networks
- Process and understand raw data and distill to high level data and visualization products
- In-depth understanding of tactical networks, to be able to ascertain the impacts and effects of external events/activities on the network
- In-depth understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity and abnormal activities such as worms, Trojans and viruses
- BS (or equivalent) and 9 years of experience related to Air Operations Center operations, or equivalent in another domain
Cyber Operations Analyst Job Description
- Lead Analyst activities stemming from significant events or incidents
- Mentor Tier-1 Analysts
- Assist in administrating the team’s centralized Outlook mailboxes
- Create and update various documents, including SOPs
- Swivel ticket information between ITSM tools
- The successful candidate must be available to cover early or late day work schedules as required
- Lead protection including solution monitoring, management, and reporting
- Lead preventative maintenance, proactively resolve potential issues, and coordinate root cause analysis
- Lead vendor coordination for security updates (including support for incident response)
- Lead advanced troubleshooting (Tier 3) for endpoint and mobility solutions
- Experience in tactical network and associated waveforms and transmission systems
- Strong understanding of security vulnerability types, attack methods and remediation methods
- Security Certifications (Security+, Network+, CEH, CISSP, or equivalent)
- Cyber Defense Club membership a plus!
- Operating space-domain and related capabilities that deliver effects to warfighters
- Understanding of space-based DoD and NRO systems and operations
- Applying analytical problem-solving related to tactical, operational and strategic warfare planning and execution
Cyber Operations Analyst Job Description
- Ensure assets comply with security requirements
- Ensure solutions are logged and monitored according to defined requirements
- Partner with operations resources and other staff to maintain and verify processes, standards, and architectures
- Maintain subject matter expertise of security technologies, issue resolution, and support methodologies
- Conduct analysis and triage activities
- Develop Use-Cases in support of advanced threat hunting
- Lead and deliver activities within the continuous programme of cyber security improvement relating to cyber security monitoring and incident response for systems and infrastructure
- Operation and optimisation of security tooling/products, including anti-virus, encryption technologies, network security (IDS/IPS/Firewalls), logging and auditing, event and incident management, privileged access management
- Make suggestions on tuning IPS platforms, firewall policies and other security devices, and be innovative in their use
- Accountable for Security infrastructure change
- Knowledge and experience as an Application Developer or Application Security expert working with static scanning tools such as HP Fortify and IBM AppScan
- Must currently hold at least an active TS Department of Defense security clearance
- 10+ years of experience in networking, network data analysis, and tactical networks
- Demonstrated working knowledge of missions, structures, capabilities, and policies across the cyber security, IC, law enforcement, and homeland security communities
- Strong background in data modeling and statistics
- Multithreaded and/or cluster computing/big data experience (e.g., SMP, Hadoop)