Cyber Network Defense Analyst

The Monitoring and Analysis team provide 24x7 support across 4 different shifts. We have Front half shifts (day and night) and back half shifts (day and night). The front half shift will work 12-hour shifts from Sunday – Tuesday and alternating Wednesdays. The back half shift will work 12-hour shifts from Thursday – Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours, if necessary. Duties include network security monitoring and detection. Proactively searching for threats. Inspect traffic for anomalies and new malware patterns. Investigate and analyze logs. Provide analysis and response to alerts and document activity in SOC investigations and Security Event Notifications (SENs). Primary Responsibilities Utilize a SIEM for enterprise monitoring and detection Create Security Event Notifications to document investigation findings Perform critical thinking and analysis to investigate cyber security alerts Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc) Collaborate with team members to analyze an alert or a threat Stay up to date with latest threats Monitor shared email box for notifications and requests Utilize OSINT to aid in their investigation Contribute to content tuning requests Basic Qualifications All Junior Cyber Network Defense Analyst candidates shall have one (1) of the following education and experience levels: Bachelor of Science (BS) degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science AND a minimum of two (2) years professional experience. Associates of Science (AS) degree AND a minimum of six (6) years professional experience. High School Diploma or General Education Degree (GED) AND a minimum of eight (8) years of professional experience Professional Experience Requirement Applies to Relative Areas Listed Below Network Administration Software engineering Systems administration The ideal candidate is a self-motivated individual in pursuit of a career in cyber security. Candidates Should Also Demonstrate the Following Familiarity with a SOC’s purpose and role within an organization General understanding of common network ports and protocols (e.g. TCP/UDP, ICMP, DNS, SMTP, etc) Familiarity with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc). Familiarity with packet analysis tools such as Wireshark Able to perform critical thinking and analysis to investigate cyber security alerts Familiarity with common malware and attack vectors Familiarity with Windows operating systems and standard OS logging Familiarity with Antivirus, DLP, and host-based firewalls Must Have At Least One of the Following Certifications SANS GIAC: GFACT, GCED, GSEC, GCIA, GDSA, GICSP, GCFA, GISF

CISCO: CBROPS

CertNexus: CFR Federal IT Security Institute: FITSP-O Must Have Current DoD TS/SCI In addition to specific security clearance requirements, all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program. Preferred Qualifications Familiar with SOC methodologies and processes #J-18808-Ljbffr Base One Technologies