SAIC is seeking a Computer Network Defense /
Incident Response Analyst with an active TS/SCI Polygraph to work onsite with
our customer at Ft. Meade in Maryland.
The CND Analyst shall identify, collect, and analyze network and host data, and report events or incidents that occur or might occur within a network to mitigate immediate and potential network and
The individual shall perform computer network defense (CND) incident triage, to include:
- Determining urgency and
- Identifying the specific vulnerability, and making recommendations that enable expeditious remediation;
- Forensically sound collection of images and their inspection to determine mitigation/remediation on enterprise systems;
- Computer network defense (CND) incident handling tasks (e.g., forensic collection, intrusion correlation/tracking, threat analysis, and direct system remediation) to support Incident Response Teams; receiving and analyzing network alerts from various sources within the enterprise and determining the possible causes of such alerts; and tracking and documenting CND incidents from initial detection through final resolution
principles and practices; collecting intrusion artifacts (e.g., source code, malware, and Trojans) and using the discovered data to enable mitigation of potential CND incidents within the enterprise.
Assist with analysis of actions taken by malicious actors to determine initial infection vectors, and establish a timeline of activity and any data loss associated with incidents.
Provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities, and to make recommendations
REQUIRED EDUCATION AND EXPERIENCE:
Minimum of ten (10) years of experience in Incident Response with a Bachelor's degree in Computer Science, Cyber Security, Computer Information, or Information Systems.
Must have an IAT Level III certification (CISSP, GCED, CASP CE, CCNP Security, CISA, GCIH) or the ability to obtain one within three (3) months of employment.
Experience using various incident response tools (e.g., Acunetix, Adobe, Cobalt Strike, FireEye, Fluke Networks AirMagnet, F-Response, EnCase (Guidance Software), IDA Pro, McAfee Advanced Threat Defense, NetworkMiner Pro, Palo Alto, Burp Suite Professional, Metasploit (Rapid7), RedSeal, Splunk, VMware, DomainTools, Virus Tools, Microsoft products, and operating systems such as Windows Server 2008 and 2012 and Linux), and programming tools such as Python and PowerShell; must also be able to develop scripts with scripting languages/tools.