Network Forensics Cybersecurity Analyst - Arlington, United States - Node

    Description
    Network Forensics Cybersecurity Analyst / Network Based Systems Analyst

    Location:
    Arlington, VA

    Must have Top Secret Security Clearance

    Node provides on- and offsite incident response support to Government agencies and critical infrastructure owners who experience cyber-attacks, delivering advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation using host- and network-based cybersecurity analysis capabilities.

    Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans.
    Node is seeking Network Forensics Cybersecurity Analysts to support this critical customer mission.

    Responsibilities:

    • Assists the Government lead in coordinating teams in preliminary incident response investigations
    • Assists the Government lead with interfacing with the customer while onsite
    • Determines appropriate courses of action in response to identified and analyzed anomalous network activity
    • Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
    • Assists with the writing and publishing of Computer Network Defense guidance and reports on incident findings to appropriate constituencies
    • Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents
    • Analyzes identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
    • Assists with real-time CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements
    • Provides technical briefings as required

    Required Skills:

    • U.S. Citizenship
    • Must have an active TS/SCI clearance
    • Must be able to obtain DHS Suitability
    • 8+ years of directly relevant experience in network investigations
    • In-depth knowledge of CND policies, procedures, and regulations
    • In-depth knowledge of standard protocols – ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, TCP/IP
    • In-depth knowledge and experience of Wi-Fi networking
    • In-depth knowledge and experience of network topologies (DMZs, WANs, etc.)
    • Substantial knowledge of Splunk (or other SIEMs)
    • Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
    • Knowledge of Computer Network Defense policies, procedures, and regulations
    • Knowledge of defense-in-depth principles and general attack stages with respect to network security architecture
    • Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
    • Ability to identify and analyze anomalies in network traffic using metadata
    • Experience with reconstructing a malicious attack or activity based on network traffic
    • Experience examining network topologies to understand data flows through the network
    • Must be able to work collaboratively across physical locations

    Desired Skills:

    • Substantial knowledge of network device integrity concepts and methodologies
    • Proficiency with network analysis software (e.g. Wireshark)
    • Proficiency with carving and extracting information from PCAP data
    • Proficiency with non-traditional network traffic (e.g. Command and Control)
    • Proficiency with preserving evidence integrity according to standard operating procedures or national standards
    • Proficiency with virtualized environments

    Required Education:

    BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10+ years of network investigations experience.

    Desired Certifications:

    • DoD IAT Level II, IASAE II, CSSP Analyst, GCIA, GCIH, CSSP Analyst/CSSP Incident Responder, CEH
    • SANS GIAC GNFA preferred

    Company Overview:
    Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
    Our Core Values help us in our mission. They include:

    OUR CORE VALUES

    • Identifying the RIGHT PEOPLE and developing them to their full capabilities
    • Our customer's "Mission" is our "Mission". Our MISSION FIRST approach is designed to keep our customers fully engaged while becoming their trusted partner
    • We believe in SIMPLIFYING complex problems with a relentless focus on agile delivery excellence
    • Our mantra is "Simple*Secure*Speed" in the delivery of innovative services and solutions

    We are proud to offer competitive compensation and benefits packages to include:

    • Medical
    • Dental
    • Vision
    • Basic Life
    • Long-Term Disability
    • Health Saving Account
    • 401K
    • Three weeks of PTO
    • 10 Paid Holidays
    • Pre-Approved Online Training
