- Assists the Government lead in coordinating teams in preliminary incident response investigations
- Assists the Government lead with interfacing with the customer while on site
- Determines appropriate courses of action in response to identified and analyzed anomalous network activity
- Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
- Assists with the writing and publishing of Computer Network Defense guidance and reports on incident findings to appropriate constituencies
- Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents
- Analyzes identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
- Collects network device integrity data and analyzes it for signs of tampering or compromise
- Assists with real-time CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements
- Assists with developing analytic solutions for mapping network traffic back to Threat TTPs
- Provides input to the Government lead in developing processes, standards, WIs, or SOPs
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain Client Suitability
- 5+ years of directly relevant experience in network investigations
- In depth knowledge of CND policies, procedures and regulations
- In depth knowledge of TCP/IP protocols
- In depth knowledge of standard protocols - ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, etc.
- In depth knowledge and experience of Wi-Fi networking
- In depth knowledge and experience of network topologies - DMZs, WANs, etc.
- Substantial knowledge of Splunk (or other SIEMs)
- Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
- Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
- Ability to identify and analyze anomalies in network traffic using metadata
- Experience with reconstructing a malicious attack or activity based on network traffic
- Experience examining network topologies to understand data flows through the network
- Must be able to travel domestically on short notice
- Must be able to work collaboratively across physical locations
- Substantial knowledge of network device integrity concepts and methodologies
- Proficiency with network analysis software (e.g. Wireshark)
- Proficiency with carving and extracting information from PCAP data
- Proficiency with non-traditional network traffic (e.g. Command and Control)
- Knowledge of ICS/OT protocols
- Substantial knowledge of Arkime
- Experience with network sensors (e.g., Corelight, Cisco FMC, Suricata)
Network Forensic Analyst III - Arlington, United States - iTech Solutions
Description
Network Forensic Analyst
Multi Year Salaried Contract
2-3 Weeks of Training in Arlington, VA
Consultants living within 50 miles of Arlington, VA will need to be onsite 1 time per week
Hybrid (2-3) days onsite for consultants living closer than 50 miles to Arlington, VA
Must have ACTIVE TS Clearance
The Client's Hunt and Incident Response Team (HIRT) secures the nation's infrastructure. HIRT provides the Client's front-line response for cyber incidents and proactive hunting for malicious cyber activity. The Client provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks. The Client provides HIRT advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities. Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans.
Responsibilities:
BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 7-9 years of network investigations experience.
Desired Certifications:
- DoD IAT Level II, IASAE II, CSSP Analyst, GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
Please send your resume to