Cyber Security Analyst CND

The CND Incident Response (CND/IR) Analyst shall identify, collect, and analyze network and host data, and report events or incidents that occur or might occur within a network to mitigate immediate and potential network and host threats. Provide trend analysis and reports on Computer Network Defense activity. Maintain situational awareness of Cyber incidents and activity with appropriate partners via tools and reporting mechanisms. Research, identify, and verify new Advanced Persistent Threat tactics, techniques, and procedures from commercial and government sources. Provide recommendations to strengthen the client’s overall Cybersecurity posture.

#LI-DNI

Responsibilities:

• Apply knowledge of monitoring, analyzing, detecting, and responding to Cyber events and incidents within information systems and networks.

• Advise on an integrated, dynamic Cyber defense and leverage Cybersecurity solutions to deliver Cybersecurity operational services, including intrusion detection and prevention, situational awareness of network intrusions, security events, and data spillage, and incident response actions.

• Designs, develops, engineers, and implements solutions that meet security requirements, and is responsible for the integration and implementation of computer system security solutions.

• Serve as an Information System Security Engineer (ISSE).

• Performs other tasks as required by OSC and the Government contracting office

Required Qualifications/Education and Experience:

• Must have and maintain a Secret personnel clearance and must be eligible for a TS/SCI

• High School diploma or equivalent

• Must possess an active IAT III/ IAM III certification per the DoD 8570.01-M

• HBSS/ESS certification is required

• Minimum of seven (7) years of experience performing computer network defense (CND) incident triage.

• Experience analyzing log files, firewalls, firewall logs, and intrusion detection systems and IDS Logs to identify possible threats to network security, and to perform command and control functions in response to incidents. If not certified at contract start must be within six months.

• Experience in Host Based Security Systems (HBSS), ACAS vulnerability scanning software and Cyber Security Vulnerability Alerts (IAVA). Experience with Security Information and Events Manager (SIEM)

• Must have and maintain a Secret personnel clearance and must be eligible for a TSSCI

Preferred Qualifications:

• Bachelor’s degree (preferably in Information Technology, Information Management, or Cyber Security)

• Certified Information Systems Security Professional (CISSP) certification

Equal Employment Opportunity/M/F/disability/protected veteran status