Work Location: Fort Meade MD
Roles & Responsibilities: Full Time Exempt position
The Cyber SME III will work and operate in a TS/SCI and SAP/SAR environment. Includes all the knowledge and experience of Cyber SME I & II plus the following.
Must be familiar with the latest Cybersecurity T&E methodologies and critical mission impact measures.
Must be knowledgeable of the four designated Cyber ranges -- The Joint Information Operations Range (JIOR); the National Cyber Range Complex (NCRC); the DoD Cybersecurity Range (CSR); and the Cyber, Command, Control, Communications, and Computers (C5) Assessments Division (C5AD) test capabilities -- and other related capabilities, such as the Joint Mission Environment Test Capability (JMETC) Multiple Independent Levels of Security (MILS) Network (JMN), the Persistent Cyber Training Environment (PCTE) and related discrete Cyber test capabilities in the DoD Components, National Labs, Universities and industry. Intimate knowledge of Offensive Cyber Operations; Defensive Cyber Operations; the Cyber Assessment Program; Individual program or area Cyber assessments; Persistent Cyber [Threat] Operations; Auto-OPFOR tools; Cyber mission environment emulations; Related Traffic generation tools; Cyber threat simulations; Cybersecurity Intrusion Detection Systems; and network vulnerability analysis tools is essential.
Must understand IA principles and design requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.
Applicant shall possess strong problem-solving, analytical, communication and interpersonal skills and have solid knowledge or experience in several of the following areas:
- Versed in Cyber Threat Actor Tactics, Techniques and Procedures (TTPs)
- Conduct trending and correlation of various cyber intelligence sources for the purposes of indicator collection, shifts in TTPs, attribution and establishing countermeasures to increase cyber resiliency.
- Deep understanding of Cyber Kill Chain and applicable analytic models such as the Diamond Model
- Data mining that supports threat assessment development
- Development of analytical products and reports
- Network and Internetwork Routing
- Domain Name System protocol and architecture
- How an Antivirus program works
- How an Intrusion Detection System works
- How exploitation, implants, and beacons work
- Building effective communications to explain complex technical information to wider audiences
- Effective writing skills
Work and operate in a TS/SCI and SAP/SAR environment - (Sensitive Compartmented Information Facility (SCIF))
Normal work days are Monday thru Friday. Office hours are typically 8am-5pm.
Travel < 20%.
- Bachelor's degree plus 8 years of relevant experience, OR a Master's degree plus 6 years of relevant experience, or a Doctoral degree plus 4 years of relevant experience. A high school diploma or GED plus 12 years of relevant experience, or an Associate's degree plus 10 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.
- Degree in a liberal arts field (e.g., English, History, Communications, Languages and Cultures, International Relations, and Political Science) is preferred, but a degree in any field is acceptable.
- Relevant experience must be in threat, intelligence, or traffic analysis (preferably in the military or IC).
- Experience in multi-source or technical threat analysis (e.g., SIGINT, ELINT, FISINT, Open-Source, and Geospatial) is preferred.
- Basic coding in scripting languages such as Python, R, or Ruby
- Calculating statistical significance and principal component analyses
- Basic Scripting for the GHOSTMACHINE environment
- Leveraging LABBENCH + Jupyter to interface with GMAE
- TCP/IP: three-way handshake, reconstruction
- One of the following certifications: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, GCIH, CCFP, CCSP, CISSP, CSIH, CHFI, LPT, ECSA, OSCP, OSCE, OSWP, OSEE, EnCE
- Current Driver License.
- U.S. Citizenship.
- Must Currently Possess Top Secret/SCI
All candidates will be required to pass a consumer report and/or consumer investigation to include SSN, Driver Record, Credit, and Criminal Background Investigation.
All responses will be handled with strict confidentiality.
Systems Application & Technologies, Inc. is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.