Job Description
The Investigation Analyst will become part of (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes. DSCM program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical, and administrative support to aid and advise DoS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. Those supporting the DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges.
The Investigation Analyst role will be located in Rosslyn, VA. This role supports the Operational Threats & Analysis (OTA) Team.
Day to Day:
* Audit insider threat activities.
* Recommend strategies for assessing inappropriate use of the Department's networks; research and recommend tools for monitoring employee computer use and assessing user behavior.
* Provide support to DS criminal investigators.
* Perform in-depth log analysis to determine trend, patterns, and suspicious activity.
* Interface and coordinate with other U.S. Government, Intelligence Community, and Law Enforcement organizations performing insider threat auditing.
Required Skills & Experience
Requirements:
* Bachelor's Degree and a minimum of 9 years' experience required or a master's Degree and a minimum of 7 years of experience. An additional 4 years of experience may be used in lieu of degree.
* Top secret clearance
* Experience with investigations and insider threat
* Previous experience supporting law enforcement investigations or internal threat analysis
* Possess ONE of the following certifications or be able to obtain before start date: CASP+ CE, CCNP Security, CEH, CFR, CHFI, CISA, CISSP (or Associate), Cloud+, CND, CySA+, GCED, GCIH, GICSP, or SSCP.
* Experience performing threat analysis.
Nice to Have Skills & Experience
Plusses:
* Experience with digital evidence acquisition, user activity monitoring and technical analysis is a plus.
* SOC experience
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.