- Assists the Government lead in coordinating teams in preliminary incident response investigations
- Assists the Government lead with interfacing with the customer while on site
- Determines appropriate courses of action in response to identified and analyzed anomalous network activity
- Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
- Assists with the writing and publishing of Computer Network Defense guidance and reports on incident findings to appropriate constituencies
- Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents
- Analyzes identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
- Collects network device integrity data and analyzes it for signs of tampering or compromise
- Assists with real-time CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements
- Assists with developing analytic solutions for mapping network traffic back to Threat TTPs
- Provides input to the Government lead in developing processes, standards, WIs, or SOPs
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain Client Suitability
- 5+ years of directly relevant experience in network investigations
- In-depth knowledge of CND policies, procedures and regulations
- In-depth knowledge of TCP/IP protocols
- In-depth knowledge of standard protocols – ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, etc.
- In-depth knowledge and experience of Wi-Fi networking
- In-depth knowledge and experience of network topologies - DMZs, WANs, etc.
- Substantial knowledge of Splunk (or other SIEMs)
- Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
- Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
- Ability to identify and analyze anomalies in network traffic using metadata
- Experience with reconstructing a malicious attack or activity based on network traffic
- Experience examining network topologies to understand data flows through the network
- Must be able to travel domestically on short notice
- Must be able to work collaboratively across physical locations
- Substantial knowledge of network device integrity concepts and methodologies
- Proficiency with network analysis software (e.g. Wireshark)
- Proficiency with carving and extracting information from PCAP data
- Proficiency with non-traditional network traffic (e.g. Command and Control)
- Knowledge of ICS/OT protocols
- Substantial knowledge of Arkime
- Experience with network sensors (e.g., Corelight, Cisco FMC, Suricata)
Network Forensic Analyst III - Arlington, United States - Ampcus Incorporated
Description
Network Forensic Analyst
Multi Year Salaried Contract
2-3 Weeks of Training in Arlington, VA
Consultants living within 50 miles of Arlington, VA will need to be onsite 1 time per week
Hybrid (2-3) days onsite for consultants living closer than 50 miles to Arlington, VA
The Client's Hunt and Incident Response Team (HIRT) secures the nation's infrastructure. HIRT provides Client's front-line response for cyber incidents and proactive hunting for malicious cyber activity. The Client provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks. The Client provides HIRT advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities. Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans.
Responsibilities:
BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 7-9 years of network investigations experience.
Desired Certifications:
- DoD IAT Level II, IASAE II, CSSP Analyst, GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
Please send your resume to