Network Defense and Security Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

Abacus Technology Corporation · 5 hours ago

Network Defense and Security Analyst

positionUS-TX-San Antonio
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

Abacus Technology Corporation is seeking a Network Defense and Security Analyst to provide technical support for the AFCENT Network Operations and Security Center at Lackland AFB. The role involves monitoring network traffic, providing technical reports, and developing methods to prevent intrusive activities while ensuring the security of networks.

Information TechnologySoftwareTelecommunications
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Provide technical reports, meeting minutes, program plans, concepts of operations, contingency plans, and related documentation as identified for task deliverables
Prepare and disseminate operational reports
Monitor network traffic to provide event correlations of operational traffic from multiple locations to determine network security posture
Utilize standard/provided network tools to evaluate traffic for incident response analysis
Coordinate and execute JTF-GNO Information Assurance Vulnerability Alert (IAVA) notices as applicable on USCENTCOM networks/systems with the USAFCENT NOSC
Maintain IDS/IPS devices to ensure they are operating at optimal efficiency
Develop methods to detect and prevent intrusive activities utilizing new vulnerabilities and exploits
Assist NOSC-Cybersecurity to develop countermeasures to isolate, contain and prevent intrusive actives and secure USAFCENT/USCENTCOM networks
Correlate unusual and suspicious network activity across USCENTCOM
Validate unusual network activity unique to a geographical regions and sensor locations
Provide an overall site-analysis profile to serve as a benchmark to identify unusual or suspicious activity
Assist in the compilation of Network Defense statistical and trend data, and operational event reporting, as requested by NOSC management
Provide site-specific and service-level intrusion packet level analysis using selected tools and activities related to mission execution; and track trends of authorized and unauthorized activity
Correlate unusual and suspicious network activity across USCENTCOM; and validate unusual network activity unique to geographical regions and sensor location(s)
Document network devices and location of network devices. Provide technical information to USCENTCOM customers on devices with an emphasis on any possible security issues with them
Document any waivers for non-standard network configurations
Provide an overall site-analysis and profile for existing USCENTCOM networks and supported units to serve as a benchmark to identify unusual or suspicious activity; and research, document and report suspicious activity
Provide focused Network Defense tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named Network Defense operations and exercises
Perform cyber incident handling and support activities, including but not limited to, reporting and notifying, documenting, and coordinating: (1) detection of events; (2) preliminary analysis; (3) preliminary response action; (4) incident analysis; (5) response and recovery; and (6) post incident analysis
Perform network traffic analysis to evaluate intruder activities using host and network-based monitoring systems; correlate information gathered to provide effective methods to USCENTCOM domains; determine the probability of exploitation of discovered network vulnerabilities; and ensure appropriate notifications and action are taken to reduce the risk to USCENTCOM networks
Support USCENTCOM 24/7 Network Defense monitoring operations
Open and conduct network intrusion investigations to validate the unauthorized activity and determine the type and extent of activity
Conduct network and computer forensics on suspected and confirmed compromised USCENTCOM systems to determine the method of intrusion and corrective actions to be taken to prevent or detect similar future activities
Develop and implement methods to identify, contain, log, analyze and prevent intrusive activities and security vulnerabilities on automated information systems and networks; and conduct operations and develop countermeasures to isolate, contain, and prevent intrusive activities and security vulnerabilities
Develop and implement methods to identify, contain, log, analyze and prevent malware-based activities on automated information systems and networks, and operate, maintain and administer anti-virus tools
Provide AFOSI (Air Force Office of Special Investigation), Army Criminal Investigation Division (CID), Naval Criminal Investigation Service (NCIS) Network Defense technical support and expertise to assist law enforcement and counter-intelligence activities, and continue to conduct base network defense while component investigative agencies collects network evidence
Provide support to USCENTCOM network administrators on the installation and analysis of packet sniffers their network topology
Install, configure, maintain and manage the USAFCENT IDS/IPS sensor fleet, ArcSight Enterprise Security Manager, CIDDS directors, and associated Virtual Private Network (VPN) equipment
Provide technical advice and assistance to the USAFCENT NOSC-Cybersecurity to resolve network issues and perform actions necessary to ensure IDS/IPS sensors are collecting and reporting network activity
Diagnose and resolve end user problems
Support IDS/IPS software installation and configuration, IDS site troubleshooting, system security, archival, and restoration of mission data
Assist in the identification of system and network configuration problems or network and subnet vulnerabilities and take corrective actions
Assist with on-the-job training (OJT) for personnel assigned to USAFCENT operational mission and technical support functions
Present network defense actions/activities for USAFCENT and USCENTCOM mission briefings
Identify and assist in the development and documentation of USAFCENT support operations, reporting, systems administration and incident response processes and tasks using available mission support systems
Provide technical assistance in the Network Defense systems planning, testing, development, implementation, enhancement, transition, management and operation of new USAFCENT initiatives, and support the integration of new systems and tools into the existing architecture

Qualification

Network+ certificationCCNA certificationCEH certificationNetwork security analysisITIL v3V4 certificationDigital evidence collectionPacket capture analysisSQL DB queriesCommunication skillsTeam collaboration

Required

5+ years experience in network and systems security
Bachelor's degree in a related field
Must be Network+ or CCNA certified
Must be CEH certified
Must hold the ITIL v3 or v4 Foundations certification or be able to obtain the certification within 60 days of hire
Extensive knowledge of network firewalls, computer and server log analysis, computer network servers (DNS, proxy, e-mail, domain controller, file server, Active Directory) and analysis of their logs
Extensive knowledge of digital evidence collection, handling and security; experience with computer incident response and analysis and report dissemination
Extensive knowledge and experience with network packet capture and analysis software such as WireShark (Ethereal) and Snort
Experience with standard DoD network topology and DMZ boundary protection
Experience with system analysis software (i.e. EnCase/EnCase Enterprise or FTK), software coding and debugging, and the virtual machine (VM) environment
Experience with DoD/AF incident reporting processes
Knowledge of threat visualization applications
Extensive knowledge of digital evidence collection, handling and security
Experience with computer incident response and analysis, and report dissemination
Extensive knowledge of DoD and AF network operations regulations; knowledge and experience processing Information Assurance Vulnerability Alert (IAVA) notices
Able to maintain current knowledge on new vulnerabilities and exploits
Experience with DoD/AF incident reporting processes
Familiar with NSA Threat Operations Center (NTOC) Attack, Sensing & Warning (AS&W) alerts and processing
Knowledge and experience constructing, executing and troubleshooting SQL DB queries
Knowledge and experience with the DOD Centaur analysis system
Must maintain an Advanced Traffic Analyst certification via Stan/Eval processes for operational positions
Must have strong communication skills and be able to interact professionally within all levels of an organization
Must be able to provide support in a 24/7/365 environment including occasionally covering shifts outside of the assigned shift and/or providing after hours, weekend, or holiday support as needed on a rotational basis
Must be a US citizen and hold a current Top Secret clearance with SCI access or eligibility (TS/SCI)

Company

Abacus Technology Corporation

twittertwitter
company-logo
Abacus Technology Corporation delivers leading edge, high quality assistance in response to complex technology challenges.
dateFounded in 1983
location
Chevy Chase, Maryland, USA
people-size501-1000 employees
web-link
http://www.abacustech.com

Funding

Current Stage
Late Stage

Leadership Team

W
William Magro
Senior Vice President
linkedin
A
Alice Solomon
Vice President
linkedin
Company data provided by crunchbase