SRA International, Inc., A CSRA Company Mid-Level Cyber Security Analyst in Arlington, Virginia

Clearance Level Must Currently Possess:

Secret (NACLC)

Clearance Level Must Be Able to Obtain:



No Suitability Required

Job Family:

Information Technology

Job Description:


Acts as primary contact for the initial intake of cyber security events; triages potential incidents, determines the nature and scope of the event/incident, and classifies the severity and priority of the incident. Acts as the primary SOC resource with responsibility to coordinate and assist with all phases and personnel of the information security response lifecycle. Analyzes all security systems log files, reviews and keeps track of triggered events, researches current and future cyber threats, reconciles correlated cyber security events, develops and modifies new and current cyber security correlation rule sets, and operates SOC equipment and technology.


Provides technical support on post event network security logs and trend analysis.; Detects the full spectrum of known cyber attacks (e.g., DDoS, malware, phishing, others).; Uncovers security and compliance violations.; Pinpoints location of compromised systems and devices.; Correlates events from the various components in the IT security infrastructure and identifies attacks and breaches.; Associates and correlates IP address related events with specific systems or devices in the IT infrastructure.; Identifies and analyzes intelligence information about threats to customer’s information processing systems.; Associates and correlates assets with dynamically assigned IP addresses over time.; Associates and correlates events and security incidents with individuals and their role and organization.; Conducts cyber incident and event monitoring.

Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analysis of relevant event detail and summary information. Ensure the integrity and protection of networks, systems, and applications through monitoring of security devices. React to customers escalations. Identify, analyze, and document actions taken by malicious actors. Determine sophistication, priority, and threat level of identified malware. Examine media and malware analysis reports and operational reporting from incidents to correlate similar events, tradecraft, and TTPs of malicious activity. Conduct log and system analysis for various system, and network and security devices. Experience working within a wide range of environments to include Linux, UNIX, Windows in addition to a strong understanding of networking, the OSI model, and TCP/IP protocols. Familiarity with Federal and DoD security standards such as NIST, DCID, CNSS and DoD 8500. Experience in implementation of ITIL practices and ISO 2700 family of standards.


  • DoD 8570 CNDSP Certified: CEH, SSCP, GCIH, CSIH, or GCFA are acceptable

  • Must be ITIL v3 Certified within 45 days of start

  • At least 2+ years of relevant experience in a SOC

  • DoD Secret clearance

  • Degree - Desired: B.S. (Information Security and Assurance) or related discipline

  • Experience/knowledge with ArcSight

  • Experience with multiple IPS/IDS Systems

  • Theoretical and practical knowledge of TCP/IP stack protocols.

· Knowledge of current security threats, vulnerabilities and web application attacks.

· Experience with security risk assessment and mitigation techniques

· Experience with TCP/IP packet analysis.

· Must be able to communicate technical details in a clear, understandable manner

· Excellent problem solving skills and keen ability to diagnose and troubleshoot technical issues

# of Openings:


Scheduled Weekly Hours:


T elecommuting Options:

Some Telecommuting Allowed

Work Location:

USA VA Arlington - 111 South George Mason Dr (VAC292)

Additional Work Locations:

CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.


CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.

We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.

Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.

We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.