
Network Defense Analyst - IRES - HSV

This position requires a junior Network Defense & Incident Response Analyst to conduct intrusion detection and incident response on customer networks and maintain situational awareness of enterprise-wide cybersecurity. This position supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract.
Candidate will:
  • Conduct Network Intrusion Detection (NID) surveillance and Incident Response on enterprise networks and maintain Situational Awareness (SA) of network security monitoring.
  • Analyze event logs from network security devices and mission-critical servers (e.g., network and host-based security systems, firewalls, routers, switches, servers, workstations, etc.) for indicators of compromise and known attack patterns. Use and interpret log data within SIEM tools (e.g., ArcSight, Splunk, etc.).
  • Analyze vulnerabilities against known exploits that do not have vendor-provided mitigation or remediation action (e.g., zero-days) in the enterprise cyber threat environment and disseminate guidance to improve network defensive posture.
  • Assist in the response to network and cybersecurity incidents utilizing Incident Response plans, to include reporting all pertinent details utilizing internal and external data management systems.
  • Under direct supervision, conduct data gathering for digital forensic analysis and collect potential evidence by analyzing content of compromised systems. Document relevant findings, identify the tactics, techniques, and procedures used by an attacker, and preserve forensic chain of custody for evidence when required.
  • Draft Defensive Cyber Operations (DCO) alert and notification messages to warn customers of threats and provide countermeasure recommendations to defend against identified threats.
  • Review data originating from or reflecting status of ongoing intrusions or cybersecurity incidents and document the findings according to established procedures.
  • Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation.
  • Work in a Team Environment that is geographically dispersed.
  • Demonstrate excellent skill in oral and written communications and technical writing.



Basic Requirements:
Must have one of the following combinations of education and experience: HS diploma (or GED), plus 8 years of general experience; Associate’s degree and 6 years of general experience; Bachelor’s degree and 4 years of general experience. General experience must include 4 years’ experience in the information security field and practical experience in an incident response role.
  • Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP).
  • Must have a current DoD 8570.01-M CSSP Incident Responder certification (CEH, CFR, CCNA Cyber Ops, CySA+, GCFA, GCIH, SCYBER, or CHFI).
  • Candidate must have an active DoD Secret security clearance to start.
  • Be able to obtain a DoD Top Secret clearance.
  • Experience with Cybersecurity analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux).
  • Must be willing to work rotating shifts in a 24x7x365 operational environment and respond quickly to emergencies as needed.
  • Experience with most MS Office applications (Word, Excel, PowerPoint, and Visio).
Desired Requirements:
  • Bachelor’s degree in Information Technology, Cybersecurity, or related discipline.
  • Experience with DoD DCO/Cyber Security Service Provider (CSSP), network, and system security policies and procedures.
  • Experience correlating security events across a WAN using SIEM tools, ArcSight.
  • Experience with other DCO tools/applications, such as Firewalls, Intrusion Detection Systems/Intrusion Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc.
  • Current DoD Top Secret clearance.
  • GCIH or GCFA certified.
Company Name:
Security Clearance:
Secret
Location:
Redstone Arsenal, Alabama
Country:
United States
Salary:
Not Specified
Job Number:



