About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Responsibilities
Peraton is seeking a Senior Gap Team Analyst to become part of Peraton’s Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes. You will be a part of the Cyber Incident Response Team (CIRT).
Location: Arlington, VA.
In this role, you will:
- Support the Department of State Red Cell Team by performing Gap Analysis of customer systems during penetration tests.
- Monitor Red Cell activities to identify detection gaps and develop recommended remediations to satisfy mandated NIST 800-53 security controls.
- Report and demonstrate findings to system owners and engineers.
- Support incident response teams through capability enhancement.
- Research and integrate current trends in detecting vulnerabilities and attacks.
#DSCM
Qualifications
Basic Qualifications:
- Bachelor of Science and 5 years of IT security related experience, with 3 years being cybersecurity experience. In lieu of a degree, 4 years of additional IT security or cybersecurity experience may be considered.
- Master of Science and 3 years of IT security related experience, with 1 year being cybersecurity experience.
- Must have at least ONE of the listed certifications:
- CCNA Cyber Ops
- CCNA-Security
- CEH
- CFR
- Cloud+
- CySA+
- GCIA
- GCIH
- GICSP
- SCYBER
- Security+ CE
- SSCP
- Advanced understanding of the following:
- Security principles such as CIA, IAAAA, access control models, risk management, etc.
- Networking principles and technologies such as IP routing, TCP/UDP, VPNs, firewalls, NAT, etc. and the analysis of network logs and packet captures.
- Operating system principles such as process management, device management, user management, file systems, etc. and forensic procedures for Windows/Unix systems.
- Data processing principles such as encoding, hashing, encryption, etc.
- Common application vulnerabilities and exploits such as outdated components, permissions misconfigurations, lack of input validation, logging/monitoring failures, etc. and how hacking tools exploit vulnerabilities in enterprise networks.
- Threat detection and hunting methodologies using modern Endpoint Detection and Response tools.
- Security Information and Event Management systems and techniques to leverage advanced statistical features.
- Basic understanding of the following:
- NIST Risk Management Framework (RMF) and the Assessment and Authorization (A&A) process.
- Active Directory (AD) administration and security.
- Public Key Infrastructure (PKI) and navigating IT environments implementing multi-factor authentication.
- Cloud platforms and logging capabilities including Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), etc.
- Demonstrated ability in evaluating detection gaps, performing root cause analysis, and reporting findings utilizing methodologies such as NIST SP 800-115, NIST SP 800-61, etc.
- Demonstrated ability to work within a small group under the direction of an Expert Gap Analyst. Potential to lead a Gap Analysis.
- U.S. citizenship required
- Active Secret security clearance with the ability to obtain a Top Secret security clearance.
Preferred Qualifications:
- One of the following certifications or an alternate, verifiable advanced certification demonstrating IT security competence:
- CompTIA CASP+
- ISC2 Certified Information Security Professional (CISSP)
- ISC2 Certified Cloud Security Professional (CCSP)
- ISC2 Information Systems Security Engineering Professional (ISSEP)
- GIAC Defending Advanced Threats (GDAT)
- GIAC Certified Incident Handler (GCIH)
- Blue Team Level 2 (BTL2)
- One of the following certifications or an alternate, verifiable advanced certification demonstrating SIEM incident response competence:
- Splunk Core Certified User
- Splunk Core Certified Power User
- Elastic Certified Analyst
- Microsoft Certified: Security, Compliance, and Identity Fundamentals
- GIAC Certified Detection Analyst (GCDA)
- Active Top Secret or TS/SCI.
Target Salary Range
$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.
SCA / Union / Intern Rate or Range
EEO
An Equal Opportunity Employer including Disability/Veteran.