Computer Network Defense/ Incident Response Analyst - Mid (Richmond)
Employment Type: Full-Time
Industry: Information Technology
Computer Network Defense/ Incident Response Analyst - Mid (PACAF-19-1683-F)

Bowhead is seeking mid-level Computer Network Defense (CND) / Incident Response (IR) Analysts to support the development, execution, and maintenance of full-scope CND and IR operations that monitor for, detect, protect against, and respond to cyber exploitation and attack efforts against all of the organization's systems, networks, and users for a government client in Alexandria, VA.

In support of this task, the analysts will perform the following activities, which include but are not limited to:

- Innovate new methods to use existing tools and data sources (and identify and obtain new data sources) to detect cyber intrusions, reducing false positives without introducing false negatives in the methodologies that are implemented.
- Ensure that all alerts are monitored, interpreted, analyzed, and investigated so that network intrusion attempts are detected and prevented from expanding the scope of exploitation beyond the initial detected intrusion point.
- Innovate new methods to use existing tools and data sources, and identify and obtain new data sources, to prevent cyber intrusions while maintaining high availability of network and information services to the customer base.
- Research open source and classified reporting to determine whether a given incident was related to a generic Internet threat or an advanced persistent threat, and brief the customer immediately on all persistent threat activity.
- Provide cyber threat risk assessments and real-time threat mitigation and countermeasure options, as well as course of action planning and execution.

Qualifications:

- BS in computer science, engineering, mathematics, business or a related field of study from an accredited institution.
- Current working knowledge of Information Assurance as it relates to operational testing, incident response, and computer network defense.
- Extensive knowledge of network attack patterns, detection techniques, trends, threat actors and techniques for defending a network against these attacks.
- Experience conducting active hunting for network intrusions involving manual packet capture analysis, Domain Name System (DNS) log review, and open source and closed source intelligence analysis.
- Experience creating detailed reports on attack trends and recommended mitigations that are suitable for both senior leaders and technical audiences.
- Experience gathering, analyzing and implementing defenses against Indicators of Compromise (IOC) gathered from open forums, closed forums, mailing lists and directed research.
- A minimum of 5 years' experience in the following areas:
  a. IA metrics, data collection methodologies, data collating and reporting in an operational testing environment.
  b. Mandiant Incident Response (MIR), FireEye, Cisco WebProxy, Splunk, Bro IDS, Solara, Wireshark and other open/closed source network defense tools/products.
  c. Vulnerability assessments, results analysis and recommended risk mitigation solutions.
  d. Forensic investigation of network intrusions and the ability to recreate an incident from information gathered on compromised systems using tools such as EnCase.
  e. Incident response, e.g. preparation, detection, containment, eradication, recovery, and follow-up.
  f. Certification as a security professional at the DoD 8570 IAT-II level.
- Must either be or have been determined favorably eligible for SCI within the past 23 months by the Intelligence Community.

SECURITY CLEARANCE REQUIRED: Must be able to maintain a security clearance at the Top Secret/SCI level. US Citizenship is a requirement for Top Secret/SCI clearance at this location.

Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC's Non-DOT Drug & Alcohol Testing Program requirements.
If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant's resume/application may be subject to verification.

Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver's license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online driving course to be authorized to drive for company purposes.

UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics. EOE/AA/M/F/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act, 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act.

All candidates must apply online at www.uicalaska.com and submit a completed application for each position they wish to be considered for. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance.

UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar corporation recognized as one of the top 25 8(a) companies for government contracting.

Link to Apply: