NetCentrics provides the Department of Defense, Department of Homeland Security and other federal agencies with leading IT services including IT Strategy, mission applications, infrastructure and platform services, cloud solutions, service delivery and cybersecurity.
NetCentrics is looking for an experienced Computer Network Defense Analyst. This position is open only to candidates who are US Citizens and clearable for a government clearance.
Specific duties include:
- Reports detailing event results and remediation efforts.
- Maintain a list of tracked protective measures for applicable systems – both active and removed.
- Remediation recommendations to systems not controlled by INFOSEC.
- Document Standard Operating Procedures when performing required duties.
- Other documentation as needed or requested.
- Analyze raw data sources to extract, institutionalize, and document actionable events
- Document the flow of data and identify multiple distinct data sources where suspicious behavior can be identified – must also be able to identify supplemental sources where similar data may be found
- Investigate and identify the root cause behind security incidents – to include all stages of the cyber kill chain as appropriate
- Communicate and collaborate with colleagues to investigate incidents
- Investigate incidents both from a network and host/application level
- Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation
- Monitor, track and communicate reported events for numerous different security platforms, operating systems, databases, and management systems.
- Perform regular continuous monitoring of events across platforms, operating systems, databases, and management systems.
- Improve and implement indicators and protections across platforms, operating systems, databases, and management systems.
- Generate reports on a scheduled basis to document findings and remediation efforts, to include recommendations to the system owners.
- Design and implement dashboards and reports; create rapid prototypes
- Work with the system owners to remediate security issues derived through external and internal assessments.
- Develop processes to proactively address security risks and develop reporting dashboards in House security systems to continuously track progress.
- Work in an Integrated Operations Center with other business units to assist in incidents on behalf of Cyber Security
- Other duties as assigned.
- Demonstrated program level experience supporting network defense and strategies;
- Concepts of TCP/IP, network fundamentals, network security, NetFlow, and knowledge of tools such as Wireshark and Snort IDS.
- Knowledge of Bro and Security Onion.
- Knowledge of FireEye’s product suite such as EMP and HX.
- A solid understanding of the current threats and tactics being used to attack systems, such as ransomware and phishing analysis.
- Ability to develop, document, and maintain use cases through Splunk or other SIEM technologies
- Working knowledge of the Windows Operating System with the ability to identify common and unexpected processes, network events, etc.
- Ability to generate a record of an investigation within an incident ticketing/tracking system
- Ability to safely handle a potentially malicious file and perform basic analysis
- Proficiency in writing Regular Expressions to extract data in Splunk via search-time and index-time extraction
- Ability to work in a high-pressure environment with changing priorities.
- Experience supporting the full lifecycle of indicators of compromise and signature process, to include development of security documentation;
- Ability to communicate effectively, both orally and in writing, with information technology professionals, and technical and non-technical users;
- Clearance: Must be a United States Citizen and clearable for a government clearance
- Bachelor’s degree in related field (i.e., Computer Science, Information Systems Management) and minimum of five (5) years of relevant IT security related work experience
- In lieu of a Bachelor’s degree, proposed staff should have at least eight (8) years of IT security experience.
- Years of Experience: 2-3 years using Splunk to conduct network forensic analysis and network security monitoring.
- As a contingency to employment at NetCentrics, all candidates who are given offers must successfully pass a full background investigation including criminal history, education and employment verifications.
- Certified Information Systems Security Professional (CISSP) and/or Cisco Certified Network Administrator (CCNA) and/or Checkpoint Certified Security Administrator (CCSA) and/or Checkpoint Certified Security Expert (CCSE) certification(s) is a plus.
**In order to be considered for this position, you must apply directly through our careers site**
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.
NetCentrics is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.