Computer Network Defense & Incident Response Analyst with Security Clearance
Top Skills' Details1) IAT II and CND Analyst or IR compliant2) IDS/IPS experience - Splunk3) PCAP analysis - WiresharkJob DescriptionComputer Network Defense & Incident Response AnalystCharleston, SC Minimum of a Secret Clearance Required with ability to obtain TS/SCI Position Description As a CND Incident Response Analyst you will identify, isolate, investigate, inform, and implement measures to detect and protect data across a wide spectrum of sources and locationsYou will validate suspicious events or reports and determine if the event constitutes an incidentYou will ensure incidents are properly entered into the appropriate reporting system and determine the severity of the incidentPosition Requirements and Duties o Maintains familiarity with CJCSM 6510.01B.o Compiles and maintains internal standard operating procedure (SOP) documentation.o Ensures associated documentation and capabilities remain compliant with CJCSM 6510.01B and other applicable policy directives.o Provides network intrusion detection and monitoring, correlation analysis, incident response and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites.o Validates suspicious events or reports and determine if the event constitutes an incident and properly enter associated data into the appropriate reporting systems.o Coordinates with JFHQ-DoDIN and supported entities regarding significant incidents to ensure proper analysis is performed and timely and accurate reporting of the incident is completed.o Provides 24x7 support for the CSSP's Incident Response capability during non-core business hours consistent with CSSP requirements as needed.o Performs network and host-based digital forensics on Microsoft Windows based systems and other operating systems as necessary to enhance response to, support of, and investigation into significant network incidents.o Possesses working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.).o Explores patterns in network and system activity via log correlation using Splunk and supplemental toolso Possesses understanding of IDS/IPS solutions to include signature development and implementationo Participates in program reviews, product evaluations, and onsite certification evaluations-Up to 15% Travel may be required- Overtime may be required as needed to support incident response actions (Surge)- Due to the nature of the work required, operations are conducted 24/7/365 with three primary shiftsChoice of shifts will be made available with the understanding that placement is at the discretion of the CSSP Services Director and/or assigned managerQualifications 4
years experience in Cybersecurity Service Provider (CSSP) environment or similarDoD or DoN Cybersecurity Workforce (CSWF) Certification or compliance (DoDD 8140 or SECNAV M-5239)Required Skills Knowledge of Incident Response ProceduresKnowledge of Packet AnalysisKnowledge of IDS/IPS solutionsFamiliarity with various Host-Based ToolsExperience with Log Aggregation ToolsLogical thinking and analytical abilityVerbal and written communication abilityHighly Desired Skills Knowledge of CJCSM 6510.01BExperience with Digital ForensicsThe ability to solve problems independently Additional Skills & QualificationsMust be IAT II and CND IR compliant90 days to obtain certCandidates highly preferred to be compliant upon interviewWill be required to obtain Windows OS cert - Fed VTE skill soft training with fulfill requirement (Free) Need to be flexible on shifts based on the nature of the work 24/365There is a weekend rotationIAT II Certs and Above:
CCNA Security, CySA
, GICSP, GSEC, Security
CE, CND, SSCP, CASP
CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSPCSSP Certs:
CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA
, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+, SSCP, CHFI, CFR, CND, CCNA-Security, GCFA, CISA, GSNA,, CISM, CISSP, CCISO Recommended Skills Analytical Certified Information Security Manager Certified Information Systems Security Professional Cisco Certified Network Associate Cisco Certified Network Professional Communication Apply to this job. Think you're the perfect candidate? Apply on company site $(document).ready( function() $(#ads-desktop-placeholder).html(
n
n
n Estimated Salary: $20 to $28 per hour based on qualifications.
years experience in Cybersecurity Service Provider (CSSP) environment or similarDoD or DoN Cybersecurity Workforce (CSWF) Certification or compliance (DoDD 8140 or SECNAV M-5239)Required Skills Knowledge of Incident Response ProceduresKnowledge of Packet AnalysisKnowledge of IDS/IPS solutionsFamiliarity with various Host-Based ToolsExperience with Log Aggregation ToolsLogical thinking and analytical abilityVerbal and written communication abilityHighly Desired Skills Knowledge of CJCSM 6510.01BExperience with Digital ForensicsThe ability to solve problems independently Additional Skills & QualificationsMust be IAT II and CND IR compliant90 days to obtain certCandidates highly preferred to be compliant upon interviewWill be required to obtain Windows OS cert - Fed VTE skill soft training with fulfill requirement (Free) Need to be flexible on shifts based on the nature of the work 24/365There is a weekend rotationIAT II Certs and Above:
CCNA Security, CySA
, GICSP, GSEC, Security
CE, CND, SSCP, CASP
CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSPCSSP Certs:
CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA
, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+, SSCP, CHFI, CFR, CND, CCNA-Security, GCFA, CISA, GSNA,, CISM, CISSP, CCISO Recommended Skills Analytical Certified Information Security Manager Certified Information Systems Security Professional Cisco Certified Network Associate Cisco Certified Network Professional Communication Apply to this job. Think you're the perfect candidate? Apply on company site $(document).ready( function() $(#ads-desktop-placeholder).html(
n
n
n Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
