Computer Network Defense (CND) Analyst

GuardSight

JOB PURPOSE: Monitor client networks, through the use of defensive measures and information collected from a variety of sources, to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.

JOB DUTIES:

* Detect host and network-based intrusions via intrusion detection technologies

* Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources

* Perform computer network defense (CND) trend analysis and reporting

* Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack

* Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts

* Conduct tests of information assurance (IA) safeguards in accordance with established test plans and procedures

* Identify and analyze anomalies in network traffic using metadata

* Identify and triage malware

* Create technically detailed reports based on intrusions and events

* Assist in troubleshooting and problem solving a wide variety of client issues

* Provide quality customer service with excellent communication skills

Requirements

* Knowledge of computer network defense (CND) and vulnerability assessment tools, including open source tools, and their capabilities

* Knowledge of Intrusion Detection System (IDS) tools and applications

* Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies

* Knowledge of content development

* Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort)

* Knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country-specific TTPs, emerging capabilities)

* Knowledge of defense-in-depth principles and network security architecture

* Skill in collecting data from a variety of computer network defense resources

* Knowledge of computer network defense (CND) policies, procedures, and regulations

* Knowledge of the common attack vectors on the network layer

* Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution)

* Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored])

* Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)

* Knowledge of the types of Intrusion Detection System (IDS) hardware and software

* Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies

* Skill in handling malware

* Skill in protecting a network against malware

* Knowledge of malware analysis concepts and methodology

* Skill in tuning sensors

GENERAL SKILLS / QUALIFICATIONS:

* Strong written and oral communication skills

* Strong interpersonal communication skills

* Ability to follow instructions

* Ability to work as part of a team

* Ability to work independently

INFORMATION SECURITY SPECIALIST SKILLS / QUALIFICATIONS:

* Bachelor's degree and two years of IT / information security experience; one year of additional IT / information security experience may be substituted for each year of degree-level education.

* Certification in a minimum of one IT and / or cyber security discipline

SECURITY ANALYST I SKILLS / QUALIFICATIONS:

* Bachelor's degree and two years of IT / information security experience; one year of additional IT / information security experience may be substituted for each year of degree-level education.

* CISSP or SANS or equivalent information security certification required

* Additional minimum of one IT and / or information security discipline certification desired

SECURITY ANALYST II SKILLS / QUALIFICATIONS:

* Bachelor's degree and four years of IT / information security experience; two years of additional IT / information security experience may be substituted for each year of degree-level education

* CISSP certification required

* Additional minimum of one IT / information security discipline certification required

Benefits

To be discussed.

To apply for this job please visit the following URL: http://itjobpro.com/59789