Skip navigation
Unable to save this job. Please try again later.


Email this Job to Yourself or a Friend

To begin the application process, please enter your email address.

Company Contact Info

Already have an account?

Sign in to apply with your saved resumes.

New to CareerBuilder?

Don't have an account? Continue as a guest!

Sorry, we cannot save or unsave this job right now.

Report this Job

Trust and Site Security Team.

Email Send Failed!

IA Computer Security Associate 3 (Cyber Threat Analyst - Deep Dive Analyst)

Salient CRGT • Martinsburg, WV

Posted 23 days ago

Job Snapshot

Experience - At least 10 year(s)
Degree - 2 Year Degree
Government - Civil Service
Information Technology
Relocation - No


How Do You Compare to the Competition?

Get facts about other applicants with a CareerBuilder Account

Job Description

The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. You will be responsible for coordinating resources across the VA enterprise and consolidating log data into a centralized repository (Splunk) where they will be correlated, analyzed and enriched by other threat analysts to identify Indicators of Compromises (IOCs), Advanced Persistent Threat (APT) and other unauthorized activities on the VA network.


  • Provide proactive event monitoring/event management/configuration of the following security tools for targeted threats and malicious activity including but not limited to: Splunk, Palo Alto Networks, McAfee EPO, Cisco Ironport, Netscout, Sourcefire Defense Center and Bigfix
  • Determine if an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation and notify team lead or designate within 15 minutes
  • Review audit logs and identify any unusual or suspect behavior
  • Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks
  • Develop and execute custom scripts to identify host-based indicators of compromise
  • Provide advanced technical capabilities to senior leadership, including Big Data Analytics, and Predictive Intelligence
  • Provide proactive APT hunting, incident response support, and advanced analytic capabilities
  • Profile and track APT actors that pose a threat to the organization in coordination with threat intelligence support teams
  • Support the incident response process by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH)

Job Requirements

Mandatory Requirements:

  • Competency: Senior Specialist/SME
  • Knowledge: Expert knowledge in specialized functions. Exhaustive understanding of, both general and specific aspects of the job and its application.
  • Problem Solving: Works on unusually complex technical problems and provide solutions which are highly innovative and ingenious.
  • Supervision: Work is unsupervised and assignments are often self-initiated. Work checked through consultation and agreement with client rather than by formal review of superior. May supervise others.
  • Education / Experience: Bachelor’s degree (or Associates degree & 2 years relevant experience with professional certifications, such as CISSP, GREM, or GCIH. Minimum of 6 years information technologies; minimum of 4 years advanced Cyber Threat Information Experience. 4 years of relevant experience with professional certifications, such as CISSP, GREM, or GCIH
  • PWS Specified Certifications: Must have at least one of the following certifications: Certified Ethical Hacker (CEH); Certified Information Systems Auditor (CISA); GIAC Systems and Network Auditor (GSNA); GIAC Certified Incident Handler (GCIH); CERT - Certified Computer Security Incident Handler (CSIH); SPLUNK Certified Knowledge Manager; SPLUNK Certified Admin; SPLUNK Certified Architect
  • Background Investigation: Must be able to pass and maintain a Government Background Investigation

Job ID: 5437
Help us improve CareerBuilder by providing feedback about this job: Report this Job.
For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.
By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.