Vencore Cyber Watch Analyst in Chantilly, Virginia


Vencore is a proven provider of information solutions, engineering and analytics for the U.S. Government. With more than 40 years of experience working in the defense, civilian and intelligence communities, Vencore designs, develops and delivers high impact, mission-critical services and solutions to overcome its customers most complex problems.

Headquartered in Chantilly, Virginia, Vencore employs 3,800 engineers, analysts, IT specialists and other professionals who strive to be the best at everything they do.

Vencore is an AA/EEO Employer - Minorities/Women/Veterans/Disabled


Installs, supports, maintains and monitors IT Storage Area Network (SAN) infrastructure for reliability and uptime. Architects, designs, implements and maintains complex enterprise SANs and data backup recovery systems. In collaboration with other architecture and engineering teams(systems engineering, database administration, network operations and applications development), analyze and design enterprise storage systems used for customer data management, high transaction database processing and storage. Working with others, analyze and translate business requirements into a solution design for new installations or upgrades to existing platforms. Manages and provides operational support of data availability and retention systems such as server and SAN based backups and enterprise level backup solutions.

Work a 12-hour shift on the Computer Incident Response Team (CIRT) Watch Floor

• Position is shift work with varying schedules by week.

• Collaborate between CIRT elements as necessary during incident detection and response stages

• Respond promptly to all request for support whether telephonic, via e-mail or instant messenger

• Create releasable finished intelligence products and reports for the IC as well as IC Senior Leadership

• Maintain incident case management database for all reported incidents

• Analyze incidents and events captured in the Case Management Database for trends, patterns, or actionable information

• Review incidents and events captured in the Case Management Database after closure for investigative sufficiency and timeliness

• Leverage existing business processes and where necessary define and document new repeatable business processes and procedures

• Research external information on events, incidents, outages, threats, and technical vulnerabilities

• Coordinate and disseminate the best course of action for the IC enterprise during cybersecurity events, incidents, outages, threats and technical vulnerabilities with IC-IRC fusion analysis team

• Assess incidents to identify type of attack, estimate impact, and collect evidence


Requires 2 to 5 years with BS/BA or 0 to 2 years with MS/MA/MBA or 8 to 10 years with no degree.

Job ID 2018-50662

# of Openings Remaining 1

Category Intelligence

Residency Status U.S. Citizenship Required

Clearance Top Secret/SCI w/Poly

Employee Type Regular

Time Type Full Time