Cyber Operator
CNF Technologies - scott air force base, IL
Apply NowJob Description
CNF Technologies is currently looking to hire a Cyber Operator on a full time, permanent basis. This opportunity must be performed onsite at either Lackland AFB in San Antonio, TX or Scott AFB in Belleville, IL. An active TSSCI security clearance (minimum) is required.Title: Cyber OperatorLocation: Lackland AFB in San Antonio, TX - OR - Scott AFB in Belleville, ILSummary:Serve on a Cyber Protection Team (CPT) in either a Cyber Security Network Analyst position or Cyber Security Host Analyst position. The operator will conduct cyber threat hunting, network navigation, tactical forensic analysis, forensic collection of digital artifacts and other valuable operational data, and when directed, execute operations in support of defensive initiatives. Operators will provide support for persistent monitoring of all designated networks, enclaves, and systems. Candidate may be required to interpret, analyze, and document findings in reports in accordance with computer network directives, including initiating, responding, and reporting discovered events. Candidates may be required to manage and execute first-level responses and address reported or detected incidents.Required Certifications:DoD 8570 IAT Level III certification (current)Possess, or be willing to obtain within 6-months of start date, an additional certification related to your specific role (Host or Network):**Host - Operating system certification (i.e., Linux+, Windows Server, GCIH, etc.)**Network - Network related certification (i.e., Network+, CCNA, GCIH, etc.)Required Qualifications:Three or more years' experience in cyber security requiredActive TSSCI security clearance requiredExperience with toolsets such as the Elastic Stack, Arkime, Zeek, Wireshark, Metasploit, tcpdump, NMap, Nessus, Snort, EnCase, and Forensic ToolkitStrong knowledge of Windows Fundamentals, UNIXLinux fundamentals, and adversary Tactics, Techniques, and Procedures (TTPs), such as initial access, credential access, privilege escalation, persistence, lateral movement, and exfiltrationExperience with scripting and Command Line tools, such as UNIXLinux Bash, Windows Command Line Interface (CLI), PowerShell, and PythonProficient in writing, editing, executing scripts on Windows, UNIXLinux systemsExperience with encrypted and unencrypted remote access technologies, such as RDP, SSH, VPN, Telnet, and FTPGeneral knowledge of cyber security frameworks, such as the Cyber Kill Chain, MITRE ATT&CK, and the NIST 800 seriesGeneral knowledge of physical computer components and architectures, including the functions of computer domains, directory services, various components and peripherals, basic programming concepts, assembly codes, TCPIP, OSI models, underlying networking protocols (e.g., DNS, ARP, etc.), security hardware and softwareProficient in collecting and analyzing digital data, recording detailed notes, and documenting findings in reportsCandidate must be self-motivated and able to perform with minimal supervisionPreferred Qualifications:Knowledge of cyber forensic collection, preservation, and chain of custodyExperience with Endpoint Detection and Response (EDR) toolsets, such as Elastic Endpoint Security, Endgame, CrowdStrike Falcon, and Trellix EDRExperience with encryption, decryption, and hashing technologies such as DES, AES, RSA, PKI, SHA, and MD5Knowledge of Red Team Tactics, Techniques, and Procedures (TTP)Knowledge of distributed systems, process control, advanced routing, wireless, cloud, telecom and datacom platformsKnowledge of virtualization concepts, technologies and tools, such as VMwareVirtual Box, Docker, Kubernetes, and CephFamiliarity with Cloud Computing concepts, technologies, and tools, such as AWS, Azure, and Google CloudExperience programming in C, C++, C#, Ruby, Perl, Python, SQLAdditional Requirements:Travel may be required up to 25%Must successfully complete, and maintain, mission qualification requirements
Created: 2024-10-18