Network Based Systems Analyst II - TS/SCI
Vacancy expired!
Network Based Systems Analyst II, TS/SCI, Arlington, VAClearance: TS/SCIResponsibilities: - Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.- Coordinate with enterprise-wide cyber defense staff to validate network alerts- Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment- Perform cyber defense trend analysis and reporting- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of alerts- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information- Identify and analyze anomalies in network traffic using metadata- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools- Identify applications and operating systems of a network device based on network traffic- Reconstruct a malicious attack or activity based off network traffic- Identify network mapping and operating system (OS) fingerprinting activities- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave Required Skills: - U.S. Citizenship - Active TS/SCI clearance - Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability.- 2+ years of direct relevant experience in cyber defense analysis using leading edge technologies and industry standard cyber defense tools- Experience successfully developing and deploying signatures- Experience detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort)- Experience implementing incident handling methodologies- Experience implementing protocol analyzers- Experience collecting data from a variety of cyber defense resources- Experience reading and interpreting signatures (e.g. snort)- Experience performing packet-level analysis- Experience conducting trend analysisDesired Skills:- Python programming experience- Experience with Carnegie Mellon SiLK tool suiteRequired Education: BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 4+ years of network investigations experience. Desired Skills One or more of the following professional certifications: GNFA, GCIH, GCIA, GSEC, CASP+, CySA+, PaLMS, FedVTE • GSEC (SANS401), Arcsight (or other SEIM solution), Network+, Security+