Join our Talent Network >

Computer Network Defense/Incident Response (CND/IR) Analyst

Job ID: 200793
Location: FORT MEADE, MD, United States
Date Posted: Feb 3, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: TS/SCI with Poly
Clearance Level Must Be Able to Obtain: None
Potential for Teleworking: No

Share: mail

Job Description

Description

The Defense Systems Group of SAIC is seeking a Computer Network Defense / Incident Response Analyst with an active TS/SCI Polygraph to work onsite at Ft. Meade.

The CND Analyst shall identify, collect, and analyze network and host data, and report events or incidents that occur or might occur within a network to mitigate immediate and potential network and host threats.

Responsibilities include:

  • Performing computer network defense (CND) incident triage, to include determining urgency, and potential impact.
  • Identifying the specific vulnerability and making recommendations that enable expeditious remediation, and making recommendations that enable expeditious remediation, perform initial, forensically sound collection of images and inspect to determine mitigation/remediation on enterprise systems.
  • Performing real-time computer network defense (CND) incident handling (e. g., forensic collection, intrusion correlation/tracking, threat analysis, and direct system remediation) task to support Incident Response Teams
  • Receiving and analyzing network alerts from various sources within the enterprise and determining possible causes of such alerts, and track and document computer network defense (CND) incidents from initial detection through final resolution.
  • Employing defense-in-depth principles and practices, collect intrusion artifacts (e.g., source code, malware, and Trojans) and use discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise. 
  • Assisting with analysis of actions taken by malicious actors to determine initial infection vectors, establish a timeline of activity and any data loss associated with incidents.

 

The candidate must be able to provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities and to make recommendations enabling remediation.  Must have experience monitoring external data sources (e.g., computer network defense vendor sites, Computer Emergence Response Teams, SANS, Security Focus), update the CND threat condition, and determine which security issues may have an impact on the enterprise.  Must have experience analyzing log files, firewalls, firewall logs, and intrusion detection systems and IDS Logs to identify possible threats to network security, and to perform command and control functions in response to incidents.


#LI-BB1

#MARFORCYBER

Qualifications

REQUIRED EDUCATION AND EXPERIENCE

  • Minimum nine (9) years of relevant experience with a Bachelor’s degree in Computer Science/Cyber Security/Computer Information or Information Systems.  Additional years of experience may be considered in lieu of a degree. 
  • Must have an IAT Level III certification (CISSP, GCED, CASP CE, CCNP Security, CISA, GCIH) or the ability to obtain one within 90 days. .
  • Experience using various incident response tools (e.g., Acunetix, Adobe, Cobalt Strike, FireEye, Fluke Networks Air Magnet, F-Response, Encase Guidance Software, IDA Pro, McAfee Advance Threat Defense, Network Miner Pro, Palo Alto, Burp Suite Professional, Metasploit Rapid 7, Red Seal, Splunk, VMWare, Domain Tools, Virus Tools, Microsoft Products, Operating Systems (e.g., Windows OS 2008 and 2012; Linux)
  • Experience with programming tools such as Python, PowerShell and also able to develop Scripts with Scripting languages/tools.
  • Experience monitoring external data sources (e.g., computer network defense vendor sites, Computer Emergence Response Teams, SANS, Security Focus), update the CND threat condition, and determine which security issues may have an impact on the enterprise. 
  • Experience analyzing log files, firewalls, firewall logs, and intrusion detection systems and IDS Logs to identify possible threats to network security, and to perform command and control functions in response to incidents.

REQUIRED CLEARANCE

  • Candidate must currently possess and be able to maintain TS/SCI with Polygraph

 

Desired Qualifications

 

Desired:

  • Experience on a Cyber Protection Team, DoD/US CERT or other USG Red Team.
  • Experience with Big Data Platform, AI, and or Machine Learning


Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $6.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability

Share: mail

Similar Jobs

Cloud Security Analyst

WASHINGTON, DC, United States
Cyber

Cyber Security Analyst

WASHINGTON, DC, United States
Cyber

Cyber and Intelligence Industry Networking Event

FORT MEADE, MD, United States
Cyber

Engineer Info Assurance 5

ANNAPOLIS JUNCTION, MD, United States
Cyber

Security Analyst SME

WASHINGTON, DC, United States
Cyber

Information Network Operations Planner

FORT MEADE, MD, United States
Cyber

Information Operations Analyst

FORT MEADE, MD, United States
Cyber

Defensive Cyber Operations (DCO) Planner

FORT MEADE, MD, United States
Cyber

Offensive Cyber Operations Fires Planner

FORT MEADE, MD, United States
Cyber

Defensive Cyber Operations (DCO) Analyst

FORT MEADE, MD, United States
Cyber

Cyberspace Analyst I

FORT MEADE, MD, United States
Cyber

Mainframe Security System Administrator

WASHINGTON, DC, United States
Cyber

Cyber Security Manager

WASHINGTON, DC, United States
Cyber

Splunk Administrator

WASHINGTON, DC, United States
Cyber

Offensive Cyber Operations (OCO) Planner

FORT MEADE, MD, United States
Cyber

Offensive Cyber Operations Planner - JMOC

FORT MEADE, MD, United States
Cyber

Cyberspace Analyst II

FORT MEADE, MD, United States
Cyber

Sr. Cyberspace Operations Planner

FORT MEADE, MD, United States
Cyber

Cyber Operations Specialist Principal

FORT MEADE, MD, United States
Cyber

Cyberspace Fires (Targets) Analyst II

FORT MEADE, MD, United States
Cyber

Cybersecurity Engineer

FORT MEADE, MD, United States
Cyber

Sr. Cybersecurity Engineer

FORT MEADE, MD, United States
Cyber

Cyber Financial Intelligence Analyst

FORT MEADE, MD, United States
Cyber

Cyberspace Persona Intelligence Analyst

FORT MEADE, MD, United States
Cyber

Provide your information to receive jobs that fit you by keywords, location, and more,
and then receive great opportunities based on your skills and experience.

Join our Talent Network >