Abacus Technology

Cyber Security/Network Defense Analyst

Abacus Technology: $75K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3+ years experience in network and systems security
  • Bachelor’s degree in a related field or equivalent experience
  • Security+ and CEH certified
  • ITIL Foundations certification or ability to obtain within 60 days of hire
  • Extensive knowledge of network firewalls and log analysis
  • Experience with network packet capture tools like Wireshark and Snort
  • Ability to maintain an Advanced Traffic Analyst certification.

Responsibilities

  • Support real-time monitoring of IPS/IDS for AFCENT mission
  • Monitor and analyze network traffic to assess security posture
  • Evaluate traffic using standard network tools for incident response
  • Coordinate execution of IAVA notices on USCENTCOM networks
  • Maintain IDS/IPS devices for optimal performance
  • Develop methods to detect and prevent intrusions
  • Assist in network defense through incident handling and recovery.

Benefits

  • Full-time position with 24/7/365 support environment
  • Opportunities for professional growth and certification
  • Engagement in high-impact projects within USCENTCOM
  • Collaboration with law enforcement and counterintelligence activities
  • Chance to work with advanced cyber security technologies and tools.
Full Job Description
Overview

Abacus Technology is seeking a Cyber Security/Network Defense Analyst to provide technical support for the AFCENT Network Operations and Security Center (NOSC) at Lackland AFB as part of a 24/7/365 support environment.  This is a full-time position.

Responsibilities
  • Support real-time monitoring of all assigned IDS/IPS deployed and supporting the AFCENT/USCENTCOM mission.
  • Monitor network traffic to provide event correlations of operational traffic from multiple locations to determine network security posture.
  • Utilize standard/provided network tools to evaluate traffic for incident response analysis.
  • Coordinate and execute CYBERCOM Information Assurance Vulnerability Alert (IAVA) notices as applicable on USCENTCOM networks/systems with the AFCENT NOSC.
  • Maintain IDS/IPS devices to ensure they are operating at optimal efficiency.
  • Develop methods to detect and prevent intrusive activities that utilize new vulnerabilities and exploits.
  • Assist NOSC-Cybersecurity to develop countermeasures to isolate, contain and prevent intrusive activities and secure AFCENT/USCENTCOM networks.
  • Track and correlate unusual and suspicious network activity across USCENTCOM.
  • Assist in the compilation of Network Defense statistical and trend data, and operational event reporting, as requested by NOSC management.
  • Provide site-specific and service-level intrusion packet level analysis using selected tools and activities related to mission execution; and track trends of authorized and unauthorized activity.
  • Provide an overall site-analysis and profile for existing USCENTCOM networks and supported units to serve as a benchmark to identify unusual or suspicious activity; and research, document, and report suspicious activity.
  • Perform cyber incident handling and support activities, including but not limited to, reporting and notifying, documenting, and coordinating: (1) detection of events; (2) preliminary analysis and identification; (3) preliminary response action; (4) incident analysis; (5) response and recovery; and (6) post-incident analysis IAW applicable policy and directives.
  • Perform network traffic analysis to evaluate intruder activities using host- and network-based monitoring systems; correlate information gathered to provide effective methods to USCENTCOM domains; determine the probability of exploitation of discovered network vulnerabilities; and ensure appropriate notifications and action are taken to reduce the risk to USCENTCOM networks.
  • Support USCENTCOM 24/7 Network Defense monitoring operations.
  • Open and conduct network intrusion investigations to validate the unauthorized activity and determine the type and extent of activity.
  • Conduct network and computer forensics on suspected and confirmed compromised USCENTCOM systems to determine the method of intrusion and corrective actions to be taken to prevent or detect similar future activities.
  • Provide technical support and expertise to assist law enforcement and counterintelligence activities, and continue to conduct base network defense while component investigative agencies collect network evidence.
  • Provide support to USCENTCOM network administrators on the installation and analysis of packet sniffers in their network topology.

Qualifications

  • 3+ years experience in network and systems security.
  • Bachelor’s degree in a related field. Additional years of experience may be substituted for degree requirements.
  • Must be Security+ and CEH certified.
  • Must hold the ITIL Foundations certification or be able to obtain the certification within 60 days of hire.
  • Extensive knowledge of network firewalls, computer and server log analysis, computer network servers (DNS, proxy, e-mail, domain controller, file server, Active Directory) and analysis of their logs.
  • Extensive knowledge of digital evidence collection, handling and security; experience with computer incident response and analysis and report dissemination.
  • Extensive knowledge and experience with network packet capture and analysis software such as Wireshark (Ethereal) and Snort.
  • Experience with standard DoD network topology and DMZ boundary protection.
  • Experience with system analysis software (i.e. EnCase/EnCase Enterprise or FTK), software coding and debugging, and the virtual machine (VM) environment.
  • Experience with DoD/AF incident reporting processes.
  • Knowledge of threat visualization applications.
  • Extensive knowledge of DoD and AF network operations regulations; knowledge and experience processing Information Assurance Vulnerability Alert (IAVA) notices.
  • Able to maintain current knowledge on new vulnerabilities and exploits.
  • Familiar with NSA Threat Operations Center (NTOC) Attack, Sensing & Warning (AS&W) alerts and processing.
  • Knowledge and experience constructing, executing and troubleshooting SQL DB queries.
  • Knowledge and experience with the DoD Centaur analysis system.
  • Must maintain an Advanced Traffic Analyst certification via Stan/Eval processes for operational positions.
  • Must have strong communication skills and be able to interact professionally within all levels of an organization.
  • Must be able to provide support in a 24/7/365 environment including occasionally covering shifts outside of the assigned shift and/or providing after hours, weekend, or holiday support as needed on a rotational basis.
  • Must be a US citizen and hold a current Top Secret clearance with SCI access (TS/SCI).


About Abacus Technology

Abacus Technology is a provider of information technology services and solutions to government agencies and the private sector. The company offers a range of services, including cloud computing, cybersecurity, software development, and program management. Abacus Technology was founded in 1983 and is headquartered in Chevy Chase, Maryland.
Size: 1,000 employees
Founded: 1983