IT PROFESSIONAL – SECURITY (CYBER SECURITY ANALYST)

US Government, Houston Information Technology Services


Applications accepted from: ALL PERSONS

Job Classification: IT Professional – Security (Cyber Security Analyst)
Posting Number: 28419
Division: Cyber Security
Reporting Location: 611 Walker
Workdays & Hours: Monday – Friday 8:00 a.m. – 5:00 p.m.* *Subject to Change
***THIS IS NOT A REMOTE POSITION***
 
DESCRIPTION OF DUTIES / ESSENTIAL FUNCTIONS
Duties, functions and responsibilities of this position include:

  • Supports cyber security initiatives through both predictive and reactive analysis
  • Performs threat and vulnerability assessments and provides subject matter expertise on appropriate threat mitigation approaches
  • Identifies intrusion activity by leveraging alert data from multiple sensors and systems and determines priority for response
  • Monitors, evaluates, and assists with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases
  • Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in threat detection and discovery
  • Conducts basic malware analysis of attacker tools and identifies indicators of compromise (IOCs)
  • Collaborates with other Cyber Division and IT team members to develop and implement innovative strategies for monitoring and preventing attacks
  • Conducts research on emerging security threats
  • Proposes additional components and techniques that could be used to proactively detect and prevent malicious activity
  • Manages the SOC mailbox, monitors and analyzes emails for threats including phishing and malware, and escalates per procedures
  • Participates in the investigations of information security incidents and may prepare reports on intrusions as required
  • Maintains an understanding of the current threats, vulnerabilities, response and mitigation strategies used to support cyber security operations
  • Logs and records all security incidents to internal ticketing system
  • Collects malware artifacts safely for analysis and incident investigations
  • Examines suspicious emails for malicious content and provides recommendations on remediation actions
  • Performs URL/domain analysis to identify and report any malicious indicators associated with the resource and evaluates associated risks
  • Provides other services as a key member of the Cyber Division including but not limited to:
    • Information security review and approval of changes to COH networks, servers and end devices in collaboration with the Infrastructure Division
    • Security sensor policies for IDS/IPS, Firewalls, web security gateways and logging
    • Continuous control monitoring including baseline security configuration monitoring
    • Investigations and forensics

WORKING CONDITIONS
There are no major sources of discomfort, i.e., essentially normal office environment with acceptable lighting, temperature and air conditions. Significant time spent using computer display, keyboard, and mouse.

Job Overview