Network Based Systems Analyst IV

Arlington, VA, 1099, W2

Responsibilities

  • Assist the Government lead in coordinating teams in preliminary incident response investigations
  • Assist the Government lead with interfacing with the customer while on site
  • Determine appropriate courses of actions in response to identified and analyses anomalous network activity
  • Assess network topology and device configurations identifying critical security concerns and provide security best practice recommendations
  • Assist with the writing and publishing of Computer Network Defense guidance and reports on incident findings to appropriate constituencies
  • Collect network intrusion artifacts (e.g., PCAP, domains, URI’s, certificates, etc.) and use discovered data to enable mitigation of potential Computer Network Defense incidents
  • Analyze identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
  • Assist with real-time CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advise on system remediation) tasks to support onsite engagements
  • Provide technical briefings as required

Requirements

  • TS/SCI Clearance
  • Must be able to obtain DHS Suitability
  • BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10+ years of network investigations experience
  • Desired Certifications: DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst, GCIA, GCIH, CSSP Analyst/CSSP Incident Responder, CEH – SANS GIAC GNFA preferred
  • 8+ years of directly relevant experience in network investigations
  • In depth knowledge of CND policies, procedures and regulations
  • In depth knowledge of standard protocols – ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, TCP/IP
  • In depth knowledge and experience of Wifi networking
  • In depth knowledge and experience of network topologies – DMZ’s, WAN’s, etc.
  • Substantial knowledge of Splunk (or other SIEM’s)
  • Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of defense-in-depth principles and general attack stages with respect to network security architecture
  • Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
  • Ability to identify and analyze anomalies in network traffic using metadata
  • Experience with reconstructing a malicious attack or activity based on network traffic
  • Experience examining network topologies to understand data flows through the network
  • Able to work collaboratively across physical locations

Bonus Points

Join ClearedCollab

Apply for this Job

Upload your CV/resume or any other relevant file. Max. file size: 1 MB.