SkyePoint Decisions, Inc.

  • Cyber Operations Manager

    Job Location US-MD-Beltsville
    ID
    2018-1653
    Job Type
    Immediate Hire
    Category
    Information Technology
  • Overview

    The Cyber Security Operations Manager will perform various tasks and hold key responsibilities within a newly created team in the Beltsville, MD location. 

    Responsibilities

    • Operational Monitoring
    • Log and Ticket Analysis
    • Incident Escalation, Operational Incident Management and Case Management
    • Policy Compliance Auditing and Reporting
    • Cybersecurity Applicant Administration and/or Monitoring
    • Analyze internal operational architecture, tools, and procedures for ways to improve performance.
    • Analyze target operational architecture for ways to gain access.
    • Collaborate with development organizations to create and deploy the tools needed to achieve objectives.
    • Conduct collection and processing of wireless computer and digital networks.
    • Conduct on-net activities to control and exfiltrate data from deployed technologies.
    • Conduct on-net and off-net activities to control, and exfiltrate data from deployed, automated technologies.
    • Conduct open source data collection via various online tools.
    • Conduct survey of computer and digital networks.
    • Detect exploits against targeted networks and hosts and react accordingly.
    • Develop new techniques for gaining and keeping access to target systems.
    • Identify potential points of strength and vulnerability within a network.
    • Maintain situational awareness and functionality of organic operational infrastructure.
    • Process exfiltrated data for analysis and/or dissemination to customers.
    • Provide real-time actionable geolocation information.
    • Record information collection and/or environment preparation activities against targets during operations designed to achieve cyber effects.
    • Test and evaluate locally developed tools for operational use.
    • Test internal developed tools and techniques against target tools.

    Qualifications

    • Bachelor’s Degree in related field
    • Active Top Secret
    • 5+ years of related experience
    • Previous experience as an Operations Manager, Operational Security Monitoring Analyst, Log Analyses Specialist or Policy Auditing Specialist
    • Experience in tools such as
      • Remedy
      • Palo Alto
      • Active Directory
      • SCOM
      • SCCM
      • SEP
      • Bromium
      • Network Design
      • Cisco Iron Port
    • Excellent verbal and written communication skills.
    • Excellent communication and presentation skills.

    Abilities:

    • Ability to interpret and translate customer requirements into operational action.
    • Ability to monitor system operations and react to events in response to triggers and/or observation of trends or unusual activity.

    Knowledge:

    • Knowledge of computer networking concepts and protocols, and network security methodologies. 
    • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 
    • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 
    • Knowledge of cybersecurity and privacy principles. 
    • Knowledge of cyber threats and vulnerabilities. 
    • Knowledge of specific operational impacts of cybersecurity lapses. 
    • Knowledge of application vulnerabilities. 
    • Knowledge of collection management processes, capabilities, and limitations.
    • Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. 
    • Knowledge of auditing and logging procedures (including server-based logging).
    • Knowledge of basic software applications (e.g., data storage and backup, database applications) and the types of vulnerabilities that have been found in those applications. 
    • Knowledge of cryptologic capabilities, limitations, and contributions to cyber operations.
    • Knowledge of current software and methodologies for active defense and system hardening.
    • Knowledge of database theory.
    • Knowledge of deconfliction reporting to include external organization interaction.
    • Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
    • Knowledge of encryption algorithms and tools for wireless local area networks (WLANs). 
    • Knowledge of enterprise-wide information management.
    • Knowledge of evasion strategies and techniques.
    • Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability. 
    • Knowledge of implementing Unix and Windows systems that provide radius authentication and logging, DNS, mail, web service, FTP server, DHCP, firewall, and SNMP.
    • Knowledge of internal and external partner reporting.
    • Knowledge of malware.
    • Knowledge of methods and techniques used to detect various exploitation activities.
    • Knowledge of network administration.
    • Knowledge of network construction and topology.
    • Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
    • Knowledge of security hardware and software options, including the network artifacts they induce and their effects on exploitation.
    • Knowledge of security implications of software configurations.
    • Knowledge of structure, approach, and strategy of exploitation tools (e.g., sniffers, keyloggers) and techniques (e.g., gaining backdoor access, collecting/exfiltrating data, conducting vulnerability analysis of other systems in the network).
    • Knowledge of the basic structure, architecture, and design of modern communication networks.
    • Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
    • Knowledge of the fundamentals of digital forensics to extract actionable intelligence.
    • Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications).
    • Knowledge of virtual machine technologies.

    Skills:

    • Skill in analyzing memory dumps to extract information.
    • Skill in analyzing target communications internals and externals collected from wireless LANs.
    • Skill in analyzing terminal or environment collection data.
    • Skill in assessing current tools to identify needed improvements.
    • Skill in auditing firewalls, perimeters, routers, and intrusion detection systems.
    • Skill in data mining techniques (e.g., searching file systems) and analysis.
    • Skill in determining installed patches on various operating systems and identifying patch signatures.
    • Skill in extracting information from packet captures.
    • Skill in identifying the devices that work at each level of protocol models.
    • Skill in interpreting vulnerability scanner results to identify vulnerabilities.
    • Skill in knowledge management, including technical documentation techniques (e.g., Wiki page).
    • Skill in processing collected data for follow-on analysis.
    • Skill in providing real-time, actionable geolocation information utilizing target infrastructures.
    • Skill in reading, interpreting, writing, modifying, and executing simple scripts (e.g., PERL, VBS) on Windows and Unix systems (e.g., those that perform tasks like parsing large data files, automating manual tasks, and fetching/processing remote data).
    • Skill in remote command line and Graphic User Interface (GUI) tool usage.
    • Skill in reverse engineering (e.g., hex editing, binary packaging utilities, debugging, and strings analysis) to identify function and ownership of remote tools.
    • Skill in server administration.
    • Skill in survey, collection, and analysis of wireless LAN metadata.
    • Skill in technical writing.
    • Skill in testing and evaluating tools for implementation.
    • Skill in using tools, techniques, and procedures to remotely exploit and establish persistence on a target.
    • Skill in using various open source data collection tools (online trade, DNS, mail, etc.).
    • Skill in verifying the integrity of all files. (e.g., checksums, Exclusive OR, secure hashes, check constraints, etc.). 
    • Skill in wireless network target analysis, templating, and geolocation.
    • Skill to analyze and assess internal and external partner reporting. 

     

    SkyePoint Decisions is an established ISO 9000:2008 certified small business headquartered in Dulles, Virginia, with local offices across the Washington, DC, metropolitan area. SkyePoint Decisions has grown into a successful federal contractor by combining industry best practices with innovative solutions that consistently meet or exceed customer requirements. We understand and integrate our customer’s technology and mission requirements to successfully deliver high quality, cost effective services on time and on budget.

     

    SkyePoint Decisions empowers a secure dynamic workforce to complete any mission -- anytime, anywhere. It’s what we call Agency Anywhere®. SkyePoint Decisions delivers Agency Anywhere® by tightly integrating our technical competencies (cybersecurity, cloud services, remote access, collaboration, system & network optimization, device management and more) to provide our customer’s operating environments with the security, flexibility, availability, and operational continuity required to enable today’s on-the-go federal workforce to successfully and securely complete any mission – anytime, anywhere.

     

    SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed