About the Role
As a leading provider of managed cybersecurity services, BWT provides a highly tailored and customized offering to each customer. Our team is responsible for protecting both our customers and the corporate environment at BWT. Our mission is very broad, and our team is agile. We will look to your unique skills to approach and solve problems in your own way, whether engineering a system to address a technical hurdle, protecting customers' data or consulting on a wide range of security topics.
This position investigates threats targeting our internal networks and our government and commercial customers.
As a Cybercrime Analyst, your primary responsibilities will include:
• Proactively scan all devices for network and system vulnerabilities.
• Monitor the remediation status of the scan results and evaluate scan results for accuracy and risk.
• Provide analyzed results to various responsible parties identified by the Government Task Monitor for resolution.
• Act as the subject matter expert for the scan results and consult with the remediation teams on various methods for resolution.
• Be responsible for the Vulnerability Exploit Test and ad hoc web application, database, and operating system targeted scan requests.
• Conduct cyber hygiene scanning based on the following:
  Identify:
    • Active hosts, operating system, ports, protocols and services
    • Vulnerabilities and weaknesses
    • Common configuration errors
    • Improperly signed Domains
    • Expired SSL Certificates
  Understand how systems and infrastructure appear to potential attackers:
    • Vulnerabilities
    • Mitigations
    • Operating Systems
    • Applications
• Support the Security Assurance Branch and/or Governance and Risk Management (GRM) in any vulnerability management-related activities.
• Conduct Vulnerability Assessments using a master schedule.
• Manage organization-wide Information Security Vulnerability Management (ISVM) compliance validation, Common Vulnerabilities and Exposures (CVE), and Common Platform Enumeration (CPE) assessments.
• Employ ad hoc or emergency VA scanning to support targeted incident investigations.
• Produce Vulnerability Assessment Reports.
• Provide vulnerability assessment summary reports to the appropriate system owner/ISSM/ISSO and document the findings.
• Conduct follow-on assessments to compare results, focus on differential findings, look for evidence of improvement or the lack thereof to report trends, determine the effectiveness of the mitigation strategy, and provide recommendations for changes to DHS policy or architecture.
• Provide automated reporting capabilities to input scanning results to report on findings at time of engagement.
• Evaluate new methodologies to support investigating cyber security incidents and provide reviews and recommendations.
• Hunt for threats within the internal and customer networks.
• Support the investigation of large- and small-scale cyber breaches.
• Develop new capabilities to enhance the analysis capabilities of the team.
• Learn and keep up with current cyber threats, attack methodology, and detection techniques using a wide variety of security products including COTS and open source.
• Understand and utilize cyber threat intelligence sources.
• Utilize the SIEM to correlate events and identify indicators of threat activity.
• Perform endpoint detection and response.
• Conduct analysis of multiple data sources to identify indicators of compromise.
• Communicate cyber events to internal and external stakeholders.
• Help evaluate new analytical techniques and capabilities to determine how they can integrate into a managed security offering.
Clearance:
• TS security clearance (held or eligible) preferred; DHS EOD/Public Trust acceptable. Must be able to maintain the required clearance, to include US citizenship.
Work Remotely:
• Yes
Requirements
Undergraduate degree and 3-5 years security-related experience
Experience with:
Industry accepted scanning tools and ad hoc and automated scanning
ISVM scans and compliance
Ability to automate scanning
Desired Skills:
Tangible experience combatting crimeware or APT is a distinguishing factor
Prior experience with McAfee Security Enterprise Security Manager desirable.
Ability to support ad hoc Python scripts is not required, but is highly desired if the candidate has the capability.
About Us – Blue Wave Technologies
Beyond the competitive compensation and benefits package, BWT is comprised of highly technical and talented individuals who solve problems with innovative solutions, and you will be surrounded and immersed in a culture of experienced engineers who are relentless in their pursuit of excellence.
We value Our People
Because of BWT’s specialization, we develop our employees’ careers and skills with projects that push the technological boundaries while challenging you to grow as a business and technical professional.