Cyber Security Analyst - NIPR ACD-O (TS/SCI clearance)
Red River Technology

San Antonio, Texas

Posted in IT


This job has expired.

Job Info


Position Summary:
Red River is seeking a Residency Services team member to join our team based in San Antonio for our important Air Force customer. They will be supporting a mission with multiple other Residents from Red River. The ability of the AFCERT to complete its mission is dependent upon accurate, timely and thorough near real-time network security monitoring and analysis of the Air Force network/systems DCO events. Real-time analyst contractors are required to provide 24-hour coverage (work) for seven (7) days a week, 365 days a year with zero tolerance for error.

Primary Position Tasks:

Intermediate knowledge of one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas: IP addressing and domain name service; network components; Transmission Control Protocol (TCP)/User Datagram Protocol (UDP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer Protocol (HTTP); and an understanding of the network Open Systems Interconnection (OSI) model. Extensive knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., open source projects).

* Review all Near Real-Time IDS/IPS alerts per AFCERT Operating Instruction (OI) and checklists at the AOL, COOP, or Ops Floor

* Conduct near real-time security monitoring and intrusion detection analysis for all systems

* Comply with 3rd party MOU/MOA monitoring and reporting requirements.

* Monitor security sensors to analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify and correlate security issues/events and review logs to identify intrusions for remediation.

* Analyze and manage analysis results to identify and mitigate threats and enforce corrective actions.

* Analyze traffic/logs/events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities.

* Utilize tools and techniques to perform initial analysis, de-obfuscation, or other manipulation of malware related data.

* Conduct incident intake and record suspicious events into the operational database for suspicious traffic. These records shall contain sufficient information to stimulate future analysis of suspicious traffic. The record shall answer the who, what, where, why and when for the suspicious activity. Update tickets (CAT events) for reporting of cyber events.

* Perform initial analysis of security events and network traffic.

* Enter event data into mission support systems IAW AFCERT operational procedures and reports.

* Compile suspicious events records and other artifacts as part of its Monthly Operational Report.

* Escalate security incidents using established policies and procedures.

* Generate end-of- reports (MISREPS) and provide pass-on information for knowledge transfer to subsequent /crews of analysts on duty regarding the latest suspicious traffic seen from a given port, Internet Protocol (IP), etc. with no more than a 5% error rate.

* Provide computer security-related support to AF field units in countering vulnerabilities, minimizing risk, and improving the security posture of AF networks and systems within the scope of AFCERT operational requirements and mission execution.

* Provide focused DCO tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises.

* Conduct 24x7x365 near real-time network security monitoring and intrusion detection analysis for the networks, systems monitored using AF's selected IDS/IPS capabilities with no more than a 5% error rate.

Incident Response (ACD Operator - Requires Mission Ready Status)

  • Contract support requires 100% DoD 8570.01 IAT Level I CND compliance.
  • Must currently hold a security clearance at the Top Secret/SCI level. US Citizenship is a requirement for Top Secret clearance at this location.


Minimum Education/Certification/Experience Requirements:
  • Contract support requires 100% DoD 8570.01 IAT Level I CND compliance.
  • Primary OS Certification Level for this position is GCIA, GNFA or GCDA.


Preferred Education/Certification/Experience:

BA/BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering or related degree preferred

Candidates for the job should possess excellent organizational skills as well as the ability to efficiently multi-task. Ideal candidates have a strong focus on day-to-day operational excellence and a personal style that builds trust and inspires loyalty. The candidate should be motivated, proactive, and able to learn and adapt quickly.

Established in 1995, Red River delivers information technology solutions to a worldwide military and civilian customer base and the New England enterprise market including healthcare, financial services and education customers. Red River is ranked the 5th fastest growing company in NH by Business NH Magazine and has demonstrated consistent year over year revenue and employee growth since its inception. With corporate offices in Claremont, NH, Red River has satellite offices in Virginia, Texas and California.

EOE M/F/DISABLED/Vet

Red River is an equal opportunity employer and makes employment decisions without regard to race, gender, disability or protected veteran status.

Red River offers a competitive salary, excellent benefits and an exceptional work environment. If you are ready to join a growing company, please submit your resume and cover letter (required).

COVID Vaccination: Prospective and/or new employees will be required to comply with Red River's COVID vaccination policy (which includes being fully vaccinated to enter a Red River office or attend a Red River event) and, if applicable to the position, government vaccination mandates. Where required, Red River employees must submit proof of vaccination on their first day of employment. Prospective or new employees may seek an exemption to applicable vaccination requirements and must have an approved exemption prior to the start of their employment. Customer site vaccination requirements, if more stringent, will take precedence over Red River's vaccination policy. Applicants in need of an exemption due to a sincerely held belief or disability should contact accommodation@redriver.com.

Red River does not accept unsolicited resumes from individual recruiters or third party recruiting agencies in response to job postings or otherwise. Placement fees will not be paid to any recruiter unless Red River has an active agreement in place with the recruiter and such a request has been made by the Red River Talent Acquisition team and such candidate was submitted to the Red River Talent Acquisition Team via our Applicant Tracking System. Any unsolicited resumes or other data submitted to Red River in violation of this policy may be used by Red River without obligation to pay any fees of any kind to the recruiter.

