Computer Network Defense (CND) Analyst
- Military veterans preferred
2019-05-03 SAIC (www.saic.com)
Fort Meade Maryland 20755 United States
SAIC is seeking a Computer Network Defense / Incident
Response Analyst to work onsite with our customer in Ft. Meade, Maryland.
The CND Analyst shall identify, collect, and analyze network
and host data, and report events or incidents that occur or might occur within
a network to mitigate immediate and potential network and host threats.
The individual shall perform computer network defense (CND)
incident triage, to include:
Determining urgency and potential impact;
Identifying the specific vulnerability; and
Making recommendations that enable expeditious remediation.
Perform initial, forensically sound collection of images and
inspect them to determine mitigation/remediation on enterprise systems.
Perform real-time computer network defense (CND) incident
handling (e.g., forensic collection, intrusion correlation/tracking, threat
analysis, and direct system remediation) tasks to support Incident Response
Teams, receive and analyze network alerts from various sources within the
enterprise and determine possible causes of such alerts, and track and document
computer network defense (CND) incidents from initial detection through final
Employ defense-in-depth principles and practices, collect
intrusion artifacts (e.g., source code, malware, and Trojans) and use
discovered data to enable mitigation of potential computer network defense
(CND) incidents within the enterprise.
Assist with analysis of actions taken by malicious actors to
determine initial infection vectors, establish a timeline of activity and any
data loss associated with incidents.
Provide expert technical support to enterprise-wide CND
technicians to document CND incidents, correlate incident data to identify
specific vulnerabilities and to make recommendations enabling remediation.
Bachelor’s degree in Computer Science/Cyber Security/Computer Information or Information Systems.
Must have 10 years of recent work experience in Incident Response.
Must have an IAT Level III certification (CISSP, GCED, CASP CE, CCNP Security, CISA, GCIH)
Experience using various incident response tools (e.g.,
Acunetix, Adobe, Cobalt Strike, FireEye, Fluke Networks Air Magnet, F-Response,
Encase Guidance Software, IDA Pro, McAfee Advance Threat Defense, Network Miner
Pro, Palo Alto, Burp Suite Professional, Metasploit Rapid 7, Red Seal, Splunk,
VMware, Domain Tools, Virus Tools, Microsoft Products, Operating Systems (e.g.,
Windows OS 2008 and 2012; Linux)).
Experience with programming tools such as Python and PowerShell,
and the ability to develop scripts with scripting languages/tools.
Experience monitoring external data sources (e.g., computer
network defense vendor sites, Computer Emergency Response Teams, SANS, Security
Focus), updating the CND threat condition, and determining which security issues
may have an impact on the enterprise.
Experience analyzing log files, firewalls and firewall logs,
and intrusion detection systems (IDS) and IDS logs to identify
possible threats to network security, and to perform command and control functions
in response to incidents.
Experience on a Cyber Protection Team, DoD/US CERT or other USG Red Team.
Experience with Big Data platforms, AI, and/or Machine Learning.
Candidate must currently possess and be able to maintain TS/SCI with Polygraph