CND ANALYST

Reston, VA

Industry: ALKU:Gov SysNet
Job Number: 129421

Candidate must have TS SCI and Polygraph in order to be considered.

Program Description:

Our client's program provides cyber operational efficiency to help our customers reduce their exposure to cyber threats. The team is looking to bring on a Cyber Analyst with the ability to perform the procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.

Day-to-Day Responsibilities:
  • Find potential intrusions from seemingly benign audit logs or IDS alerts.
  • Create new techniques to compress time-intensive tasks into work that can be completed faster.
  • Evaluate and organize disparate sources of data to create a timeline of events and evaluate as a potential intrusion.
  • Catch the subtle cues of network traffic across the OSI stack to recognize and understand the meanings and implications of observed traffic.
  • Take apart a piece of malware to understand its attack vector and its most likely purpose.
  • Work with system owners to identify and correct misconfigurations.
  • Establish and grow relationships with other security operations centers, industry partners, and agencies to share best practices, tools and tippers.
  • Take on the perspective of an adversary and look at the structure of a network and supported mission to assess areas of exploitable vulnerabilities.
  • Perform Computer Security Incident Response activities for a large organization, and coordinate with other government agencies to record and report incidents.
  • Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
  • Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
  • Assist with implementation of counter-measures or mitigating controls.
  • Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
  • Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.

Required:
  • Security+
  • IDS Anomaly Detection
  • Incident Response experience
  • TCPDUMP/SPLUNK/FIREEYE

  Job Type: Full Time 
