Company Overview:
CCG is a technology company focused on equipping customers with the capabilities and support to conduct intelligent and successful cyber operations. We do this by finding the most talented engineers and operators in the country, giving them some of the most challenging problems facing the US government, and helping them unleash their creativity and problem-solving skills. Excellence is our standard, and mission success is our metric.
About the Role:
This priority role will report on-site, working alongside our client in Annapolis Junction, MD. The right candidate will have a lifelong-learner attitude and approach problems with outside-the box curiosity and adaptability. You will be a member of a high-speed team in a fast-paced environment. You will be in a position to identify and shape opportunities to bring excellence and innovative ideas to problems that directly impact National Security and the Department of Defense’s cyber operations domain.
- You will be an integral team member at one of our customer locations, supporting real-world cyber missions with critical impact.
- Identify, investigate, and escalate alerts, and events
- Analyze potential threats to systems and take appropriate action to prevent and remediate them.
- Analyzing host-based logs (primarily Linux) and network traffic (PCAP)
- Build visualizations, dashboards, detection rules, and configuring logging on endpoints.
- Develop and automate tasks with various automation tools.
- Participate in the development and revision of standard operating procedures and workflows.
- Create written technical reports and executive summaries related to cyber incidents and events.
- In this role, you’ll also have the unique opportunity to cross-train into our organization’s Special Projects.
- You will find that this role is not stagnant; you will perform additional duties as assigned.
About You:
Continuous learner, both able and willing to quickly learn new technology and software.Ability to work with minimal supervision while regularly collaborating with team members.Sound reasoning skills, possessing the ability to provide effective and efficient solutions to complex problems through a combination of hard skills and curiosity.
Required Qualifications:
- You must live in or around (within commuting distance) the Annapolis Junction, MD area; this is a full-time, on-site role with standard working hours, Monday through Friday.
- You may be expected to work occasional overtime or on an occasional weekend. This is rare, but you should be willing and able to support mission requirements, if or when they emerge.
- Experience in the implementation and use of Greylog, Splunk, and/or ElasticStack (ELK).
- Experience in the implementation and use of Malcolm, Arkime/Moloch, and/or WireShark.
- Ability to analyze network traffic using Wireshark, tcpdump, or related tools.
- Experience with system alerting and monitoring.
- Experience with maintaining security audit logging information.
- Experience as a user of VPN technologies such as Nebula, Wireguard, OpenVPN.
- Experience with host-based and network-based firewalls such as iptables, Cisco ASA, or Juniper SRX.
- Ability to understand and translate complex requirements into working solutions.
- Experience with networking, including routing and switching.
- Develop and document technical processes and procedures.
- Communicate effectively at all levels of the organization, in a written and oral format.
Preferred Qualifications:
- Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
- Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
- Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
- Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.