The Defense Systems Group of SAIC is seeking a Computer Network Defense / Incident Response (CND/IR) Analyst with an active TS/SCI Polygraph to work onsite with our customer at Ft. Meade.
The CND/IR Analyst shall identify, collect, and analyze network and host data, and report events or incidents that occur or might occur within a network to mitigate immediate and potential network and host threats.
The individual shall perform computer network defense (CND) incident triage, to include:
- Determining urgency, and
- Identifying the specific vulnerability; and making recommendations that enable expeditious remediation;
- Perform initial, forensically sound collection of images and inspect to determine mitigation/remediation on enterprise systems;
- Perform real-time computer network defense (CND) incident handling (e.g., forensic collection, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support Incident Response Teams, receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, and track and document computer network defense (CND) incidents from initial detection through final resolution;
- Employ defense-in-depth principles and practices, collect intrusion artifacts (e.g., source code, malware, and Trojans) and use discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise.
- Assist with analysis of actions taken by malicious actors to determine initial infection vectors, establish a timeline of activity and any data loss associated with incidents.
- Provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities and to make recommendations
REQUIRED EDUCATION AND
- Minimum of five (5) years of recent work experience in Computer Network Defense and Incident Response with a Bachelor’s degree in Computer Science/Cyber Security/Computer Information or Information Systems. Additional years of experience may be considered in lieu of a degree.
- IAT Level III certification (CISSP, GCED, CASP CE, CCNP Security, CISA, GCIH)
- Experience using various incident response tools (e.g., Acunetix, Adobe, Cobalt Strike, FireEye, Fluke Networks Air Magnet, F-Response, Encase Guidance Software, IDA Pro, McAfee Advanced Threat Defense, Network Miner Pro, Palo Alto, Burp Suite Professional, Metasploit Rapid 7, Red Seal, Splunk, VMware, Domain Tools, Virus Tools, Microsoft Products, Operating Systems (e.g., Windows OS 2008 and 2012; Linux)).
- Experience with programming tools such as Python, PowerShell and also able to develop scripts with
- Experience monitoring external data sources (e.g., computer network defense vendor sites, Computer Emergency Response Teams, SANS, Security Focus), update the CND threat condition, and determine which security issues may have an impact on the
- Experience analyzing log files, firewalls, firewall logs, and intrusion detection systems and IDS logs to identify possible threats to network security, and to perform command and control functions in response to incidents.
- Experience on a Cyber Protection Team, DoD/US CERT or other USG Red Team.
- Experience with Big Data Platform, AI, and/or Machine Learning.
- Candidate must currently possess and be able to maintain TS/SCI with Polygraph
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions.
We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability