Cyber Intel Fusion Analyst
Posted by Rick Battista on May 16, 2018
NetCentrics provides the Department of Defense, Department of Homeland Security and other federal agencies with leading IT services including IT Strategy, mission applications, infrastructure and platform services, cloud solutions, service delivery and cybersecurity.
Specific duties include:
Develop and maintain Tactics, Techniques and Procedures (TTPs) in support of I&W Analyst position roles and responsibilities
Develop and maintain procedural checklists in support of Incident Indication tipping activities
Perform correlation of incidents and threats: Correlate detected activity with known patch status to determine threat to network, provide recommendations to engineers and O&M to focus on protection and patching strategy
Routine Analysis: rapid alerting to new malicious code/vulnerability/exploit, define emerging threats and defensive actions
Ad Hoc Analysis: potential compromised systems, new traffic patterns, new types of traffic
Baseline Analysis: new potential targets, new traffic patterns, new exploits/threats
Routine Alerts: network configuration issues, malicious code activity from/to systems, port activity that MUST be investigated
Develop, maintain and refine as necessary organizational leading security indicators: trending reports related to intrusion activity using DoD/DHS incident taxonomy, trending reports related to scan/probe activity, metrics related to CND events, incident threat indicators, trending reports related to foreign IP activity
Perform analysis of network flow data for: traffic characterization and usage, recommended blocking actions, indications of system compromise and anomalous activity, indication of botnet activity, inventory and prioritization of internet threats
Perform research and analysis of external threats: commercial reports, USCYBERCOM reports, NCTOC reports, and other DoD, DHS, IC, Federal, non-government sources
Perform data mining and analysis activities of known intrusion sets
Provide recommendations to IS sensor tuning section
Develop, maintain and leverage external relationships with NetOps Community partners through use of collaboration tools
Provide feedback/recommendations to organizational sensor engineering and deployment activities
Identify and maintain cyber threats related to organizational mission objectives
Identify and maintain cyber threats related to critical infrastructure protection and their relationships
Develop and maintain relationships with internal cyber threat organizations
Participate in cyber threat working groups, forums and meetings
Participate in vulnerability management working groups and meetings
Experience in an Operations Center providing Senior Leaders specified reports based on information received from supporting units.
Have working knowledge of threat and vulnerability analysis, routing protocols, routing, intrusion detection systems, intrusion protection systems, Domain Name Service, or network traffic analysis
Clearance: Must have a Top Secret clearance/SCI and pass CI Poly
Certifications: Must be DoD 8570.01M IAT III and CND-IR compliant (or must receive certifications within first 90 days)
Education/Years of Experience: Must have 7 years of relevant experience and BS degree.
As a contingency to employment at NetCentrics, all candidates who are given offers must successfully pass a full background investigation including criminal history, education and employment verifications.
Previous tools experience working with ArcSight, Splunk, PCAP, JIMS or equivalent toolsets.
Technical understanding in some of the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection)
JRSS experience a plus
**In order to be considered for this position, you must apply directly through our careers site**
NetCentrics is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.
- Location: TISCOM, Alexandria, VA 22315, United States
- Salary: Not provided
- Clearance Required: Yes
- Spouse Friendly: Yes