The Cyber Forensic Analyst will assist with cyber investigative efforts, conduct network traffic analysis, support cyber focused network architecture reviews, assess data pertaining to network intrusions and/or cyber related attacks and assess operational technologies.
Candidates must already possess a current and active TS/SCI with Poly clearance to be considered for this position.
Responsibilities include, but are not limited to the following:
- Analyze IP network traffic for cyber issues as it related to security, technical and
operational vulnerabilities and risk
- Conduct network or networking technology assessments and write assessment reports
based on findings
- Cyber analytic experience, specifically familiarity with cyber actor TTPs
- Provide insight into latest threats and countermeasures
- Evaluate network operations using network management plat forms, auditing functions,
and log reviews
- Provide recommendations for end-to-end technical analysis
- Maintain current knowledge of relevant technology as assigned
- Must be able to work independently with little supervision and shall be flexible to support
locations throughout the Washington Metro Area.
- Experience working on TCP/IP networking project s and demonstrated experience with
cyber security, and/or network security principles
- Experience with troubleshooting, investigating issues associated with IP network
products including routers, switches, wireless networking, VPN's, IDS/ IPS, Firewalls, IOT
- Demonstrated experience with communications protocols such as IP, TCP, UDP, M PLS,
OPSF, IGRP, BGP
- Knowledge and experience with encrypt ion products, methodologies, configuration
- Knowledge and experience with Network Packet Capture Appliances/Applications, such
as Netwitness, Solera, Probe, Wireshark, Snort, Zeek
- Knowledge and experience with network vulnerability scanners, web scanners, and
database scanners, such as Nessus, Weblnspect, AppDetective
- Experience with network management products such as HP OpenView, Solarwind
- Experience with anonymous/privacy internet capabilities and supporting net work architecture
- Experience using Splunk to analyze proprietary US Government networks
- Experience triaging sensitive US Government technical data
- Experience performing penetration testing
- Thorough understanding of proprietary current and legacy US Government communication systems
- Experience with the SIGINT product ion chain and multiple USIC entities
- Experience conducting or supporting technical cyber investigative efforts
- Bachelor’s Degree or a substantive experience in a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience; 7+ years of network/cyber security experience in a secure environment.
- Knowledge of Telephony Systems and VoIP
- Experience with Windows Server (2008R2/2012R2), Windows Workstation (7/ 8.1), Linux (Redhat/Debian), and OSX operating systems
- Interface with vendors and third-party producers
- Any of the following Certifications:
o Ethical Hacker
o Certified Information Systems Security Professional (CISSP)
o Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional, Juniper NCSP, or Juniper NCP
o Amazon Cloud Service Certification or similar cloud certification
o Red Hat Certified Security Specialist (RHCSS)
We are an Equal Opportunity/Affirmative Action Employer.
We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law. Equal Opportunity Employer Minorities/Women/Vets/Disabled.