Full Time Employee Contractor
Position Title: Cyber Metrics / Trends Analyst
The successful candidate will work with multiple components in support of Network Assurance operations at the DISA Command Center (DCC), Ft. Meade, MD.
The DCC Network Assurance (NA) mission is charged with directing the operation and defense of the Global Information Grid (GIG)/DoDIN. DCC NA is chartered to provide 24x7x365 operational Information Assurance (IA) support to the Department of Defense (DOD) community via response and coordination of computer security incidents and near real-time strategic computer network defense (CND) analysis. The DCC correlates and analyzes all-source intelligence, counter-intelligence (CI), network monitor/performance data, Intrusion Detection System (IDS) data, law enforcement, and operations information to provide the DISA Director an integrated picture of daily enterprise services status and emergent computer/network incident details. With correlated information and reporting from subordinate NetOps centers, the DCC NA assesses network and military operational impacts, identifies courses of action that mitigate, recover and restore network services, prepares plans to execute corrective measures, and coordinates implementation and follow-up of approved actions with appropriate DOD and non-DOD organizations. The DCC exercises tactical control over DISA’s CND elements integrated into subordinate DISA Net Ops Centers (DNC) and Enterprise Service Centers (ESC).
The candidate will interact with members of intrusion analysis, incident response, vulnerability assessment, external assessment, and cyber threat analysis teams to support the capabilities of the organization and provide effective services to its subscribers.
Duties will include, but are not limited to, the following:
• Collect and analyze cyber metrics on a monthly basis
• Review the DISA tool effectiveness by collecting daily alert, block and filtering data. This daily data will be compared to the last 90 days of data to provide a daily / weekly trend analysis report.
• Analyst(s) will also use previously obtained fusion I&W and compare against the daily trends to check for correlation.
• Review all incidents against the daily/weekly metrics to determine if the DISA tools are losing effectiveness and to determine if there are needs to modify the tools or algorithms. Based upon the metrics collected, the analyst prepares the monthly MET readiness report for submission.
• Provides a monthly metrics/trend analysis report based upon the trends observed over the review period.
· Education: Requires Bachelor’s degree or equivalent, and seven to nine years of related experience
· Licenses/Certification: DOD 8570.01M IAT-II; CND Analyst or CND Incident Responder (Security+CE minimum to start). Certified Ethical Hacker (CEH) will be required within 3 months of start date, if not already certified.
· Candidate must have a current Top Secret clearance with SCI Eligibility
Knowledge of security concepts, protocols (TCP/IP, HTTP, etc.), well-known ports (DNS, SMTP, FTP, LDAP, etc.), processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, SIM technology, incident handling, media/malware analysis, etc.)
Experience with incident/event correlation tools such as ArcSight
Required Skills Include:
Interpersonal and People Skills
Ability to use a PC & MS Office applications (Word, PowerPoint, Excel, Access)
Ability to handle stress and work well under pressure
Analytical and Critical Thinking Skills
This is a FUNDED position and candidates meeting the requirements are available to start immediately. This is a Task Order on a 7-year contract to October 2019. If interested, please apply on-line and contact Mark Aschenbach, [email protected], (703) 488-2073