At IronNet Cybersecurity, our mission is simple: To deliver the power of collective cybersecurity to defend companies, sectors, and nations. In response to cyber adversaries who increasingly collaborate for collective offense, leading organizations in our critical infrastructure are using collective defense strategies and solutions to meet these powerful and ever-changing threats. We believe that collective defense is our collective responsibility and we are leading the charge.
IronNet delivers unmatched collective cyber threat detection for enterprise on-premise, cloud, and hybrid networks. We do this through the application of advanced behavioral analytics, AI, and machine learning techniques. Our team combines the tradecraft knowledge of the best offensive and defensive cyber operators in the world with world-class mathematicians and data scientists to engineer solutions that empower companies to defend against advanced threats.
IronNet is recognized in Gartner's 2019 Market Guide for Network Traffic Analysis and was recently named a Vendor to Watch by Enterprise Management Associates. Our founder and Co-CEO, General (Ret) Keith Alexander, is a recognized cybersecurity innovator and a frequent speaker about current cyberthreats and effective defenses. We have a leadership team with deep government and commercial cyber experience and are advised by a board of esteemed security and venture investment professionals.
As a Computer Network Defense Analyst (CNDA) you will be responsible for monitoring our corporate and customer networks to detect suspicious and hostile activity that would jeopardize the confidentiality, integrity or availability of information systems. Analysts are responsible for reviewing logs and alerts from various security tools and network traffic analyzers. You must be able to compile information and prepare computer security incident reports based on intrusions, events, and incidents that are detected. You will work closely with our customer's security operation centers to ensure the mitigation of all activity detected.
This CNDA position requires the ability to work night shifts and has limited travel. Positions also available with increased travel for international. Job location is in (Maple Lawn) Fulton, MD or Tysons Corner, VA.
- Constant monitoring of various security appliances and networks.
- Creation of technically detailed reports based on intrusions and events.
- Provide assistance in computer incident investigations.
- Coordinate with our customer Security Operations Center (SOC) teams to remediate detected incidents.
- Analyze and evaluate anomalous network and system activity.
- Recommend modifications to security tools to detect, prevent, and mitigate intrusions.
- Assist in troubleshooting and problem solving a wide variety of client issues.
- Provide quality customer service with excellent communication skills.
- Bachelor's Degree in Computer Science or related technical discipline, or the equivalent combination of education, professional training, or work experience.
- 3 years of hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
- Computer intrusion analysis
- Intrusion detection
- Network defense
- Incident response
- Computer network surveillance/monitoring
- Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
- System log analysis
- Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Experience in developing, refining, and performing advanced analysis to uncover new or potential incidents and report on results.
- Experience in assessing threat indicators (e.g. Malware/Malicious Anomalies/Abnormal network Activity/Root Level Compromise, etc.).
- An advanced understanding of current threats and trends present in the Information Security and Technology field.
- Must be able to provide feedback on product use and development for future versions.
- Demonstrated ability to document processes.
- Ability to work shift as required (night, weekends, and day shifts).
- Initiative and a personal interest in Information Technology Security.
- Analytical skills - Candidate must be able to look at the enterprise across a variety of points of view: adversaries, clients, administrators, end users, and consumers and understand "Normal Activity" as well as anomalous activity (bad and good). Must be passionately curious about the nature of anomalous activity while exhaustively analyzing and considering adversary actions, motivations, environmental considerations, and identifying sources and methods of intrusive activity.
- Computer skills - Candidate must be able to use a variety of common office automation tools, analysis, and scripting tools to prepare their work products.
- Communication skills - Candidate must communicate with clients, customers, and other computer network and information technology specialists to ensure that their work accurately reflects the situation and effectively expresses information in an understandable way (written or oral).
- Creativity - Candidate must be able to think of new approaches to communicating ideas to consumers. They develop unique and effective work products that convey a recognizable meaning and deliver value on behalf of the company and our clients.
- Excellent written and verbal communication skills.
- Excellent problem-solving skills
- Must be a US Citizen