Cyber Countermeasures Engineer

By Light is seeking a Cyber Countermeasures Engineer who's primary duty location is DISA Global Field Command (DGFC), Scott AFB, IL.

Provide direct mission support to government customers at Scott AFB, IL.
• Serve as the cyber countermeasure Subject Matter Expert for a new cyber capability.
• Work directly with customer and commercial vendor cyber fusion/threat analyst teams to develop effective countermeasures addressing a wide range of priority and/or emerging cyber threats.
• Ensure countermeasures are effective in supporting desired mission outcomes.
• Provide critical integration between customer and commercial vendors teams
• Analyze signatures (ex. YARA, Snort) in Cyber Threat Intelligence or DoD orders and assess new capability coverage for these threats

• 2+ years of experience in cyber analyst role
• Experience conducting malware analysis
• Experience developing behavioral threat signatures, such as YARA rules
• Experience with cyber operations and cyber operation planning processes
• Understands malicious cyber actor TTPs to include initial access and command-and-control
• Understands how to use cyber security tools and data to conduct defensive cyber operations
• Understands cyber threats and cyber threat frameworks such as Cyber Kill Chain and MITRE ATT&CK framework
• Understands Cyber Threat Intelligence (CTI) and how to integrate CTI into defensive cyber operations

• Hands on SIEM experience, preferably with Splunk, to include configuration, query development, log review/analysis, and correlation of event data
• 5+ years of experience in cyber analyst role, preferably supporting DGFC or JFHQ
• Experience with regex and signature development
• Experience with coding/scripting
• Cybersecurity certifications such as CISSP and/or GIAC certifications
• Splunk certifications

• Minimum Active Secret Clearance.
• Active TS and TS/SCI clearances are preferred