Inovex Information Systems

Cyber Defense Analyst 2 (CDA2)

Inovex Information Systems$176K — $217K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 4+ years as Cyber Defense Analyst (CDA) in similar programs; technical degree can substitute 2 years.
  • 1+ year of TCP/IP fundamentals experience.
  • 1+ year experience with tcpdump or Wireshark.
  • 2+ years using security information and event management tools (e.g., Splunk, ArcSight).
  • 2+ years in network and threat analysis software; experience with Cloud environments like AWS or Azure.

Responsibilities

  • Monitor network activity for anomalous behavior using gathered data.
  • Analyze and report incidents to protect critical information systems.
  • Leverage knowledge of network protocols to counteract abuses.
  • Perform advanced manual threat hunting and PCAP analysis.
  • Conduct network traffic analysis to identify security-relevant anomalies.

Benefits

  • Rich medical coverage with majority employer-paid premiums.
  • Generous 401K plan with 10% total contribution and immediate vesting.
  • 4 weeks of PTO plus 11 federal holidays and training hours.
  • Access to free learning resources and substantial development assistance.
  • Flexible work schedules and parental leave, along with employee appreciation events.
Full Job Description
Job Brief

Windows Endpoint Experience

Job Description

Join us on this journey as we execute this mission-critical contract providing Cybersecurity Expertise and Risk Management Services!

Your effort and expertise are crucial to the success and execution of this impactful mission that is critical in ensuring mission success through Security Engineering, Risk Management and Assessment, and Insider Threat Analysis, by improving, protecting, and defending our Nation's Security.

Job Description:
  • Uses information collected from a variety of sources to monitor network activity and analyze it for evidence of anomalous behavior. Identifies, triages, and reports events that occur in order to protect data, information systems, and infrastructure. Finds trends, patterns, or anomaly correlations utilizing security-relevant data. Recommends proactive security measures. Conducts analysis to isolate indicators of compromise. Notify designated managers, cyber incident responders, and cybersecurity service provider team member of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.

The Cyber Defense Analyst 2 shall possess the following capabilities:
  • Use cyber defense tools to monitor, detect, analyze, categorize, and perform initial triage of anomalous activity.
  • Generate cybersecurity cases (including event's history, status, and potential impact for further action) and route as appropriate.
  • Leverage knowledge of commonly used network protocols and detection methods to defend against related abuses.
  • Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Perform advanced manual analysis to hunt previously unidentified threats.
  • Conduct PCAP analysis.
  • Identify cyber-attack phases based on knowledge of common attack vectors and network layers, models and protocols.
  • Apply techniques for detecting host- and network-based intrusions.
  • Working knowledge of enterprise-level network intrusion detection/prevention systems and firewall capabilities.
  • Understand the foundations of a hardened windows network and what native services and protocols are subject to abuse.
  • Familiarity with fragmentation of network traffic and how to detect and evaluate fragmentation related attacks in raw packet captures.
  • Conduct network - traffic, protocol and packet-level - and netflow analysis for anomalous values that may be security-relevant using appropriate tools.
  • Understand snort filters and how they are crafted and tuned to feed IDS alerting.
  • Understand system and application security threats and vulnerabilities to include buffer overflow, SQL injection, race conditions, covert channel, replay and return-oriented attacks, malicious code and malicious scripting.
  • Analyze malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Familiar with indications of Command and Control (C2) channels and what strategies attackers use to bypass enterprise defenses from a compromised host.

Qualifications:
  • Four (4) years of demonstrated experience as CDA in programs and contracts of similar scope, type, and complexity required. A technical bachelor's degree from an accredited college or university may be substituted for two (2) years of CDA experience on projects of similar scope, type, and complexity.
  • One (1) year of demonstrated and practical experience in TCP/IP fundamentals.
  • One (1) year of demonstrated experience with tcpdump or Wireshark.
  • Two (2) years of demonstrated experience using security information and event management suites (such as Splunk, ArcSight, Kibana, LogRhythm).
  • Two (2) years of demonstrated experience in network analysis and threat analysis software utilization.
  • Two (2) years of demonstrated experience maintaining or managing Cloud environments such as Microsoft Azure, Amazon Web Services (AWS), using tools like Microsoft Sentinel.

Certifications Required:
  • Requires DoD 8570 compliance with CSSP Analyst baseline certification.
  • Requires Information Assurance Technical (IAT) Level I or Level II certification.
  • Requires Computing Environment (CE) certification.
  • Requires successful completion of the Splunk software training course "Fundamentals 1".

Position requires active Security Clearance with appropriate Polygraph

Pay Range: 176,000-217,000

The RealmOne pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Our approach to crafting offers considers various factors to establish an equitable and competitive compensation package. These considerations include, but are not limited to, the extent and intricacy of the role's responsibilities, the candidate's educational background, their work experience, and the specific competencies crucial for success in the role.

RealmOne Benefits:
  • Healthcare Coverage + Insurance: Medical: Three (3) rich healthcare options through CareFirst with 100% or majority company-paid premiums. Tax-advantaged health savings account available with generous employer contribution. Dental + Vision: 100% employer-paid for employees and family with buy-up option available.
  • Retirement + Savings: 401K - 10% TOTAL CONTRIBUTION - 5% safe harbor - 5% annual profit share. Immediate vested, no match required!
  • Paid Time Off + More: 4 weeks starting PTO - 11 federal holidays + 2 floating holidays - Paid hours for company-required training.
  • Career Growth + Development: Access to FREE 24/7 learning via Udemy - Opportunities to participate in tech councils, industry initiatives, etc. - $7,500 annual Educational & Professional Development Assistance.
  • MORE BENEFITS...FOR EVERY LIFESTYLE! - Paid parental leave - Adoption assistance - Annual swag drops - Flexible work schedules - -Generous referral bonus program - Employee appreciation + family-friendly corporate events ...and much more.


Disclaimer: Benefits packages offered by RealmOne are subject to variation and may differ based on work location, clearance level, and other eligibility criteria. Specific eligibility, availability, and scope of benefits are not guaranteed, may differ from those generally described, and remain subject to modification at the sole discretion of the company.

About Inovex Information Systems

Inovex Information Systems is an information technology company that provides software development and consulting services to its clients. The company offers a range of services including software development, data analytics, cloud computing, and cybersecurity. Inovex Information Systems was founded in 2003 and is headquartered in Fairfax, Virginia.
Learn more about Inovex Information Systems
Size
100 employees
Industry
Founded
2003

Similar Jobs

More Jobs at Inovex Information Systems

  • Inovex Information Systems
    Data Scientist 1
    $90K — $120K *
    Annapolis, MD 21401 (Anne Arundel County)
    Information Technology
    In-Person
  • Inovex Information Systems
    Integrator Technical Director
    $225K — $275K *
    Annapolis, MD 21401 (Anne Arundel County)
    Aerospace & Defense
    In-Person
  • Inovex Information Systems
    Cyber Defense Analyst 2 (CDA2)
    $176K — $217K *
    Annapolis, MD 21401 (Anne Arundel County)
    Information Technology
    In-Person
  • Data Scientist 2
    $122K — $168K *
    Annapolis, MD 21401 (Anne Arundel County)
    Aerospace & Defense
    In-Person
  • Inovex Information Systems
    Data Scientist 3
    $161K — $211K *
    Annapolis, MD 21401 (Anne Arundel County)
    Information Technology
    In-Person

More Information Technology Jobs

Find similar Cyber Defense Analyst 2 (CDA2) jobs: