Network Based Analyst II with Security Clearance
Company: Base One Technologies
Location: Arlington
Posted on: April 15, 2024
Job Description:
Provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA) to support this critical customer mission. The CNDA uses information collected from a variety of sources to monitor network activity and analyze it for evidence of suspicious behavior. Monitoring and analysis are performed to identify and report events that occur, or might occur, within the network, in order to protect information, information systems, and networks from threats.

Responsibilities:
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
- Coordinate with enterprise-wide cyber defense staff to validate network alerts
- Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
- Perform cyber defense trend analysis and reporting
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Provide daily summary reports of network events and activity relevant to cyber defense practices
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of alerts
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and information
- Identify and analyze anomalies in network traffic using metadata
- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
- Identify applications and operating systems of a network device based on network traffic
- Reconstruct a malicious attack or activity based on network traffic
- Identify network mapping and operating system (OS) fingerprinting activities
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave

Required Skills/Clearances:
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
- 2+ years of direct relevant experience in cyber defense analysis using leading edge technologies and industry standard cyber defense tools
- Experience successfully developing and deploying signatures
- Experience detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort)
- Experience implementing incident handling methodologies
- Experience implementing protocol analyzers
- Experience collecting data from a variety of cyber defense resources
- Experience reading and interpreting signatures (e.g., Snort)
- Experience performing packet-level analysis
- Experience conducting trend analysis

Desired Skills:
- Python programming experience
- Strong math and science background
- Experience with the Carnegie Mellon SiLK tool suite

Required Education: BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 4+ years of network investigations experience

Desired Certifications: One or more of the following professional certifications:
- GNFA, GCIH, GCIA, GSEC, CASP+, CySA+, PaLMS, FedVTE
- GSEC (SANS 401), ArcSight (or other SIEM solution), Network+, Security+