CND/IR Analyst
Location: Ft. Meade Area, MD, USA
Strategic Ventures Consulting Group (SVCG), LLC is a technical and management consulting company that provides services that solve government and commercial clients’ most difficult problems. We believe in providing our employees with an outstanding work environment and opportunities for growth and success. We seek to hire professionals with a demonstrated record of success.
Job Description: The CND/IR Analyst will provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities, and make recommendations enabling remediation to assist MARFORCYBER.
Responsibilities shall include, but are not limited to the following:
Qualifications:
Qualified candidates must possess an active DoD Top Secret/SCI Clearance.
Job Description: The CND/IR Analyst will provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities, and make recommendations enabling remediation to assist MARFORCYBER.
Responsibilities shall include, but are not limited to the following:
- Performance of CND incident triage, to include determining, urgency, and potential impact; identifying the specific vulnerability, and making written recommendations that enable expeditious remediation.
- Monitoring external data sources (e.g., computer network defense vendor sites, Computer Emergency Response Teams, Storage Area Networks (SANs), Security Focus), update the CND threat condition, and determine which security issues may have an impact on the enterprise.
- Analyze log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security and perform command and control functions in response to incidents.
- Utilize forensically sound collection techniques of images and inspect to discern mitigation/remediation on enterprise systems, perform real-time CND incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) to support deployable Incident Response Teams (IRTs).
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts and track and document CND incidents from initial detection through final resolution.
- Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, and security robustness), collect intrusion artifacts (e.g., source code, malware, and trojans), and use discovered data to enable mitigation of potential CND incidents within the enterprise.
Qualifications:
- Current IAT level III certification.
- Bachelor's degree from an accredited college or university preferred
- Proficient in: Acunetix, Adobe, Armitage Cobalt Strike, FireEye, Fluke Networks Air Magnet, F-Response, Encase Guidance Software, Hey Rays IDA Pro, IBM, McAfee Advanced Threat Defense, Network Miner Pro, Palo Alto, Burp Suite Professional, Metasploit Rapid 7, Red Seal, Splunk, VMWare, Domain Tools, Virus Total, Microsoft Products
- Python Programming, PowerShell Programming, and Script Development Experience
Qualified candidates must possess an active DoD Top Secret/SCI Clearance.