Job Title: User Activity Monitoring Analyst
Location: Alexandria, VA
Shift: Monday - Friday (Standard hours)
Required Security Clearance: Top Secret – SCI eligible
- DoD 8570 IAT II
- CSSP Analyst
Required Education: Bachelor’s degree in Computer Science or related discipline
Description and Responsibilities:
This position will serve as a member of the Joint Service Provider (JSP) User Activity Monitoring (UAM) Team. UAM analysts triage, analyze, and assess alerts, and document and report findings through a case management system. Information is further shared with impacted parties for follow-on analysis. The UAM team continually deploys, maintains, and tunes countermeasures in response to new or changing insider threat tactics, techniques, and procedures (TTPs). The UAM team also provides information to the UAM Lead to fulfill JSP trending and reporting requirements.
- Triage and analyze UAM alerts
- Document and report findings to impacted organizations
- Provide information to the UAM lead for customer trending and reporting
- Create and implement countermeasures to specific weaknesses against known adversarial TTPs
- Support meetings where UAM representation is needed
- Provide recommendations to contractor and government leadership on ways to improve the UAM program
- Bachelor's degree and 4+ years of professional experience; additional related years of experience are accepted in lieu of a degree
- At least 1 year of incident response experience
- At least 6 months of UAM or insider threat detection experience
- Must have certifications that satisfy DoD-8570 IAT Level II and CSSP Analyst.
- Demonstrated experience with UAM capabilities and common insider threat TTPs.
- Demonstrated knowledge of network traffic and communications, including known ports and services.
- Demonstrated experience with the Windows operating system and other operating systems (e.g., Linux or Unix).
- Demonstrated experience in coordinating with external organizations, especially Law Enforcement and Counter Intelligence
- Knowledge of incident handling procedures.
- Must be Top Secret/SCI eligible.
Work is typically based in a quiet office environment or electronics research lab. Business work hours for this position are based solely on the requirements of the program. Additional details on the precise hours will be provided to the candidate by the Program Manager/Hiring Manager.
Employment Type: Full-Time
Federal Data Systems, LLC offers competitive compensation, a flexible benefits package, and career development opportunities that reflect its commitment to creating a diverse and supportive workplace. Benefits include, but are not limited to: Medical, Vision & Dental Insurance, Paid Time-Off & Company Paid Holidays, and Personal Development & Learning Opportunities.
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.
Federal Data Systems, LLC (FEDDATA) is an Equal Opportunity/Affirmative Action Employer that does not unlawfully discriminate in any of its programs or activities on the basis of race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other basis prohibited by applicable law.