$80K — $100K *
The ability of the 33 NWS to complete its mission is dependent upon accurate, timely and thorough conduct of network traffic analysis and log analysis to evaluate intruder activities utilizing host and network‐based monitoring and system logs. Correlate information gathered to provide the 33 NWS effective methods to protect AF networks and associated domains and enclaves related to the 33 NWS ACD weapon system for mission execution.
The candidate will utilize a wide range of security tools and dashboards, including advanced threat detection, SIEM technology, web‐filtering, and other related tools. Comply with 3rd party MOU/MOA monitoring and reporting requirements. Determine probability of exploitation of discovered network vulnerabilities. Ensure appropriate notification and action are taken to reduce and mitigate risk to all AF networks, domains and enclaves. Upon identification of suspicious activity on AF networks, open network intrusion investigation(s) to validate the unauthorized activity and determine the type and extent of activity.
5 years of extensive knowledge of network firewalls, computer and server log analysis, computer network servers (DNS, proxy, e‐mail, domain controller, file server, Active Directory) and analysis of their logs; extensive knowledge of digital evidence collection, handling and security; experience with computer incident response and analysis and report dissemination; extensive knowledge and experience with network packet capture and analysis software such as Wireshark (Ethereal) and Snort; experience with standard DoD network topology and DMZ boundary protection; experience with system analysis software (i.e. EnCase/EnCase Enterprise or FTK), software coding and debugging, and the virtual machine (VM) environment. Extensive knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., Open Source projects).
Valid through: 8/26/2020