Cyber Defense Endpoint Analyst

SWIFT
Jessup, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Junior

Job location

Jessup, United States of America

Tech stack

Microsoft Windows
Amazon Web Services (AWS)
Azure
Computer Networks
Intrusion Detection and Prevention
Intrusion Detection Systems
Pcap
Log Analysis
Network Monitoring
ArcSight SIEM Tool
Security Information and Event Management
TCP/IP
Tcpdump
Wireshark
Snort (Software)
Kibana
Cyber Warfare
Splunk

Job description

The Cyber Defense Endpoint Analyst (Level 2) performs advanced network monitoring, threat analysis, and intrusion detection in support of enterprise defense operations.

  • Threat Detection and Response: Utilize EDR tools to monitor for suspicious activity, such as ransomware, and perform automated or manual actions to isolate threats
  • Log Analysis and Monitoring: Review endpoint logs and security events to identify anomalous activity
  • Perform advanced manual threat hunting
  • Conduct PCAP and packet-level analysis
  • Perform network traffic, protocol, and netflow analysis
  • Analyze malicious activity and identify exploited weaknesses
  • Correlate enterprise security events for situational awareness
  • Understand IDS/IPS tuning and Snort filters
  • Identify Command and Control (C2) indicators
  • Detect host- and network-based intrusions

Requirements

  • Four (4) years of demonstrated experience as a Cyber Defense Analyst in programs and contracts of similar scope, type, and complexity is required. A technical bachelor's degree from an accredited college or university may be substituted for two (2) years of CDA experience.
  • Must have strong ability to investigate, triage alerts, and think critically.
  • Must have strong Windows background
  • 1 year TCP/IP fundamentals
  • 1 year experience with network traffic analysis tools (e.g., Wireshark, tcpdump)
  • 2 years SIEM experience (e.g., Splunk, ArcSight, Kibana)
  • 2 years network and threat analysis experience
  • Splunk "Fundamentals I" course completion
  • DoD 8570 CSSP Analyst baseline certification
  • DoD 8570 IAT Level I or II
  • CE certification
  • 2 years maintaining or managing cloud environments (Azure, AWS)
  • US citizenship and an active TS/SCI with Polygraph security clearance required

About the company

For the OPS Consulting team, 'the power to help' means helping our clients, helping serve the mission, helping our employees and their families, and helping the community. Headquartered in Hanover, MD, OPS Consulting has over two decades of experience specializing in the most mission-critical operations. We are thought leaders and innovators. The ingenuity of our developers, engineers, cyber experts, linguists, and analysts is dedicated to empowering our clients, fulfilling The Mission, and remaining trusted leaders and advisers in national security and technology solutions.
