Cpt Operators (Service And Direct Teams)

DecisionPoint is seeking experienced CPT Operators (Service and Direct Teams) to join our team to serve on Cyber Protection Team (CPT) in either a Cyber Security Network Analyst position or Cyber Security Host Analyst position. The operator will conduct cyber threat hunting, network navigation, tactical forensic analysis, collection of valuable operational data, and when directed, execute operations in support of defensive initiatives. Operators will provide support for persistent monitoring of all designated networks, enclaves, and systems. Candidate may be required to interpret, analyze, and report findings in accordance with computer network directives, including initiating, responding, and reporting discovered events. Candidates may be required to manage and execute first-level responses and address reported or detected incidents.

This position is onsite in Scott AFB, IL.

• Active TS/SCI clearance.
• Two (2) or more years’ experience in cyber security required

Required Certifications: 

• DoD 8570.01-M IAT Level III certification (current) 
• Have a Bachelor’s Degree or possess, or be willing to obtain, one of the following certifications:  GCFA, GCIA, PenTest+, GCED, CFR, or Cloud+ 

Required Skills: 

• Experience with toolsets such as Wireshark, the Elastic Stack, Arkime, Zeek, Metasploit, tcpdump, NMap, Nessus, Snort, EnCase, Forensic Toolkit, Windows Fundamentals, UNIX fundamentals, exploitation theory, privilege escalation, evidence removal 
• Have strong UNIX/Linux fundamentals along with familiarity of UNIX/Linux/Windows Command Line Interface (CLI), Bash and PowerShell 
• Proficient in writing, editing, executing scripts on Windows, Linux, UNIX systems 
• Experience with encrypted and unencrypted remote access technologies, such as RDP, SSH, VPN, Telnet, and FTP  
• General knowledge of cyber security frameworks, such as the Cyber Kill Chain, MITRE ATT&CK, and the NIST 800 series  
• General knowledge of physical computer components and architectures, including the functions of computer domains, directory services, various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols (e.g., DNS, ARP, etc.), security hardware and software 
• Candidate must be self-motivated and able to perform with minimal supervision 

Preferred Skills/ Qualifications: 

• Knowledge of cyber forensic collection, preservation, and chain of custody 
• Experience with Endpoint Detection and Response (EDR) toolsets, such as Elastic Endpoint Security, CrowdStrike Falcon, and Trellix EDR 
• Experience with encryption, decryption, and hashing technologies such as DES, AES, RSA, PKI, SHA, and MD5 
• Knowledge of Red Team Tactics, Techniques, and Procedures (TTP) 
• Knowledge of distributed systems, process control, advanced routing, wireless, cloud, telecom and datacom platforms. 
• Experience programming in C, C++, C#, Ruby, Perl, Python, SQL 

Additional Requirements: 

• Travel may be required up to 25% 
• Must successfully complete, and maintain, mission qualification requirements 

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.