
Network Defense Engineer IRES - HSV

This position requires a Network Defense & Incident Response Analyst to conduct intrusion detection and incident response on customer networks and maintain situational awareness of enterprise-wide cyber security. Candidate will: Analyze event logs from network security devices (e.g., network and host-based security systems, firewalls, routers, switches, etc.) and mission critical servers for indicators of compromise and known attack patterns. Develop and disseminate computer network defense (CND) alert and notification messages to warn customers of threats and provide guidance for countermeasures to defend against identified threats. Review data originating from or reflecting status of ongoing intrusions or cyber security incidents and document the findings according to established procedures. Analyze vulnerabilities against known exploits that do not have vendor-provided mitigation or remediation action in the enterprise cyber-threat environment and disseminate guidance to improve network defensive posture. Respond to cybersecurity incidents, including reporting all pertinent details utilizing internal and external data management systems. Conduct digital forensic analysis and collect potential evidence by analyzing content of compromised systems. Document relevant findings and/or identify the tactics, techniques, and procedures used by an attacker, and preserve forensic chain of custody for evidence when required. Support the development, establishment, review and update of CND procedures, processes, manuals, and other documentation.


Basic Requirements: High School Diploma (or GED) with 8 years general experience or an Associate's degree with 8 years general experience or a Bachelor's degree with 8 years general experience; must include 8 years' experience in Directory Services (e.g. Windows 2000+ AD, LDAP, DHCP); Operating Systems (e.g. UNIX, Windows, MS Exchange); Internet Protocols (e.g. DNS, HTTP, SMTP, SSL); Firewall configuration and troubleshooting; Multiple network types (i.e. LAN, WAN, VxLAN, SDN); and/or managing Voice over Internet Protocol (VoIP) Telecommunications infrastructures. Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE). Must have a current DoD 8570.01-M CSSP Analyst or Incident Responder certification. Candidate must have an active DoD Secret security clearance to start; must have or be able to obtain and maintain DoD Top Secret clearance with SCI eligibility. Experience with security analysis and solutions in a WAN/LAN environment. Must have excellent technical writing skills to accomplish required forensic and incident reporting. Must be willing to work in a 24x7x365 operational environment, which requires shift work. Must be willing to travel 25%. Must be willing to provide training to other analysts.

Desired Requirements: Bachelor's degree in Information Technology, Cybersecurity, or related discipline. Experience with DoD DCO/CSSP, network, and system security policies and procedures. Experience with correlating security events across a WAN using SIEM tools, ArcSight preferred. Experience with other CND tools/applications, such as Network Security Manager, Bluecoat, Barracuda. Current DoD Top Secret clearance. GCIA, GCIH, or GCFA certified preferred.

Company Name:
Security Clearance:
Top Secret / SCI
Redstone Arsenal, Alabama
United States
Not Specified
Job Number:
