Peraton is seeking a Senior Gap Team Analyst to become part of Peraton’s Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes. You will be a part of the Cyber Incident Response Team (CIRT). 

Location: Arlington, VA. 

In this role, you will:

• Support the Department of State Red Cell Team by performing Gap Analysis of customer systems during penetration tests.
• Monitor Red Cell activities to identify detection gaps and develop recommended remediations to satisfy mandated NIST 800-53 security controls.
• Report and demonstrate findings to system owners and engineers.
• Support incident response teams through capability enhancement.
• Research and integrate current trends in detecting vulnerabilities and attacks.

#DSCM

Basic Qualifications:

• Bachelor of Science and 5 years of IT security related experience, with 3 years being cybersecurity experience. In lieu of a degree, 4 years of additional IT security or cybersecurity experience may be considered.
• Master of Science and 3 years of IT security related experience, with 1 year being cybersecurity experience.
• Must have at least ONE of the listed certifications:
  • CCNA Cyber Ops
  • CCNA-Security
  • CEH
  • CFR
  • Cloud+
  • CySA+
  • GCIA
  • GCIH
  • GICSP
  • SCYBER
  • Security+ CE
  • SSCP
• Advanced understanding of the following:
  • Security principles such as CIA, IAAAA, access control models, risk management, etc.
  • Networking principles and technologies such as IP routing, TCP/UDP, VPNs, firewalls, NAT, etc. and the analysis of network logs and packet captures.
  • Operating system principles such as process management, device management, user management, file systems, etc. and forensic procedures for Windows/Unix systems.
  • Data processing principles such as encoding, hashing, encryption, etc.
  • Common application vulnerabilities and exploits such as outdated components, permissions misconfigurations, lack of input validation, logging/monitoring failures, etc. and how hacking tools exploit vulnerabilities in enterprise networks.
  • Threat detection and hunting methodologies using modern Endpoint Detection and Response tools.
  • Security Information and Event Management systems and techniques to leverage advanced statistical features.
• Basic understanding of the following:
  • NIST Risk Management Framework (RMF) and the Assessment and Authorization (A&A) process.
• Active Directory (AD) administration and security.
• Public Key Infrastructure (PKI) and navigating IT environments implementing multi-factor authentication.
• Cloud platforms and logging capabilities including Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), etc.
• Demonstrated ability in evaluating detection gaps, performing root cause analysis, and reporting findings utilizing methodologies such as NIST SP 800-115, NIST SP 800-61, etc.
• Demonstrated ability to work within a small group under the direction of an Expert Gap Analyst. Potential to lead a Gap Analysis.
• U.S. citizenship required
• Active Secret security clearance with the ability to obtain a Top Secret security clearance.

Preferred Qualifications: 

• One of the following certifications or an alternate, verifiable advanced certification demonstrating IT security competence:
• CompTIA CASP+
• ISC2 Certified Information Security Professional (CISSP)
• ISC2 Certified Cloud Security Professional (CCSP)
• ISC2 Information Systems Security Engineering Professional (ISSEP)
• GIAC Defending Advanced Threats (GDAT)
• GIAC Certified Incident Handler (GCIH)
• Blue Team Level 2 (BTL2)
• One of the following certifications or an alternate, verifiable advanced certification demonstrating SIEM incident response competence:
• Splunk Core Certified User
• Splunk Core Certified Power User
• Elastic Certified Analyst
• Microsoft Certified: Security, Compliance, and Identity Fundamentals
• GIAC Certified Detection Analyst (GCDA)
• Active Top Secret or TS/SCI.