NetCentrics is looking for an experienced Senior Incident Response Analyst (9am-6pm Shift) to support our team at the St. Elizabeth’s in Washington, DC and our TISCOM location in Alexandria, VA. This position is open only to candidates with an active TS/SCI security clearance with a CI Poly.
Specific duties include:
- Provide situational awareness and readiness reporting for the customer program leadership.
- Support coordination and information collection related to incidents, investigations, Task Orders, and other communications within DOD and DHS.
- Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
- Identify potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
- Maintain IDS signatures and policies.
- Be able to modify/add custom IDS policies and signatures to account for lack of monitoring in threat areas as warranted by threat changes, such as zero-day attacks. This includes the use of Sourcefire rules.
- Identify misuse, malware, or unauthorized activity on monitored networks.
- Analyze and solve problems related to network, system, forensic and malware analysis.
- Evaluate firewall change requests and assess organizational risk.
- Assists with implementation of counter-measures or mitigating controls.
- Initiate computer incident handling procedures to isolate and investigate potential network information system compromises.
- Ensure documentation is updated and maintained.
- Shift Hours: 9am-6pm Mon-Fri with some holiday/weekend as needed
- Clearance: Must have a Top Secret clearance/SCI and CI Poly
- Education/Years of Experience: Must have 7 years of relative experience and BS degree.
- Certifications: Must be IAT III and CND IR compliant (CISSP/CASP, CEH)
- Travel from DC to Virginia will be required as necessary.
- Demonstrate expert-level knowledge of DOD and industry accepted policies, standards, best practices, and regulations related to Cyber Security CND
- Experience with SEIM solutions, Log collection analytics, Host base IDS/IPS (endpoint security), and Email security, Web security
- Knowledge of industry accepted standards and best practices related to incident response operations.
- Demonstrate basic analytical and problem solving skills related to network, system, forensic and malware analysis.
- Analysis of PCAP data and packet reconstruction
- Experience with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, Security Event and Incident Management (SEIM), Antivirus, Network Packet Analyzers, Security Systems Manager, malware analysis, forensics tools, and reverse engineering.
- Demonstrated knowledge in information technologies to include computer hardware and software, operating systems, and networking protocols.
- Experience with Linux and Windows operating systems.
- Knowledgeable on computer evidence seizure, computer forensic analysis, development and/or analysis, interpretation, and compliance with federal and agency IT security policies and regulations.
- As a contingency to employment at NetCentrics, all candidates who are given offers must successfully pass a full background investigation including criminal history and references checks