The Defense Systems Group of SAIC is seeking a Computer Network Defense / Incident Response Analyst with an active TS/SCI Polygraph to work onsite at Ft. Meade.
The CND Analyst shall identify, collect, and analyze network and host data, and report events or incidents that occur or might occur within a network to mitigate immediate and potential network and host threats.
- Performing computer network
defense (CND) incident triage, to include determining urgency, and potential
- Identifying the specific
vulnerability and making recommendations that enable expeditious remediation,
performing initial, forensically sound collection of images and inspecting to
determine mitigation/remediation on enterprise systems.
- Performing real-time
computer network defense (CND) incident handling (e.g., forensic collection,
intrusion correlation/tracking, threat analysis, and direct system remediation)
tasks to support Incident Response Teams.
- Receiving and analyzing
network alerts from various sources within the enterprise and determining
possible causes of such alerts, and tracking and documenting computer network
defense (CND) incidents from initial detection through final resolution.
- Employing defense-in-depth
principles and practices, collecting intrusion artifacts (e.g., source code,
malware, and Trojans) and using discovered data to enable mitigation of potential
computer network defense (CND) incidents within the enterprise.
with analysis of actions taken by malicious actors to determine initial
infection vectors, establish a timeline of activity and any data loss
associated with incidents.
The candidate must be able
to provide expert technical support to enterprise-wide CND technicians to
document CND incidents, correlate incident data to identify specific
vulnerabilities, and make recommendations enabling remediation. Must have
experience monitoring external data sources (e.g., computer network defense
vendor sites, Computer Emergency Response Teams, SANS, Security Focus),
updating the CND threat condition, and determining which security issues may
have an impact on the enterprise. Must have experience analyzing log files,
firewalls, firewall logs, and intrusion detection systems and IDS logs to
identify possible threats to network security, and to perform command and
control functions in response to incidents.
REQUIRED EDUCATION AND EXPERIENCE
- Ten (10) years of relevant
experience with a Bachelor’s degree in Computer Science/Cyber Security/Computer
Information or Information Systems
- Must have an IAT Level
III certification (CISSP, GCED, CASP CE, CCNP Security, CISA, GCIH)
- Experience using various
incident response tools (e.g., Acunetix, Adobe, Cobalt Strike, FireEye, Fluke
Networks Air Magnet, F-Response, Encase Guidance Software, IDA Pro, McAfee
Advanced Threat Defense, Network Miner Pro, Palo Alto, Burp Suite Professional,
Metasploit Rapid 7, Red Seal, Splunk, VMware, Domain Tools, Virus Tools,
Microsoft Products, Operating Systems (e.g., Windows OS 2008 and 2012; Linux))
- Experience with
programming tools such as Python and PowerShell, and the ability to develop
scripts with scripting languages/tools.
- Experience monitoring
external data sources (e.g., computer network defense vendor sites, Computer
Emergency Response Teams, SANS, Security Focus), updating the CND threat
condition, and determining which security issues may have an impact on the
- Experience analyzing log
files, firewalls, firewall logs, and intrusion detection systems and IDS logs
to identify possible threats to network security, and to perform command and
control functions in response to incidents.
must currently possess and be able to maintain TS/SCI with
- Experience on a Cyber Protection Team, DoD/US CERT or other USG Red Team.
- Experience with Big Data Platform, AI, and/or Machine Learning.
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability