Trace Systems

CND Analyst

1 month ago
Job ID
2017-1926
# of Openings
1
US-DC-Washington
Category
Information Technology

Overview

Trace Systems, headquartered in Vienna, Virginia, was founded in 1999 to support and defend our nation's security interests at home and abroad–– whenever and wherever. We provide cybersecurity, intelligence, communications, networking and information technology services, systems, and solutions to the United States Department of Defense, Intelligence Community and Department of Homeland Security.
 
 
Job Title:  CND Analyst

Job Location: Washington, DC

Security Clearance: TS/SCI - position is contingent upon final adjudication for Yankee White

Job Responsibilities

The candidate will correlate actionable security events, perform network traffic analysis using raw packet data, net flow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks, and participate in the coordination of resources during incident response efforts. The candidate will assess threats and risks to DoD Information Network (DoDIN) and recommend appropriate courses of action to mitigate threats and reduce risks. Analysts will leverage additional data sets including Host Based Security System (HBSS), Sensage and Splunk, network sniffers and DISA Community Data Center (CDC) tools, or other tools as directed by Government Site leadership.
 
CND Team duties include but are not limited to:
 
Detect:

  • Employ advanced forensic tools & techniques for network attack reconstruction
  • Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks
  • Correlate actionable security events from various sources, including Security Information Management System (SIMS) data & develop unique correlation techniques
  • Utilize knowledge of attack signatures, tactics, techniques and procedures to aid in the detection of Zero-Day attacks

 
Response:

  • Participate in the coordination of resources during enterprise incident response efforts
  • Interface with external entities including law enforcement, intelligence community & other government agencies
  • Provide limited analysis of incidents for the customers by: determining the incidents‘ nature and formulating responses; identifying & providing the ability to surge during emergencies; correlating event & incident data; determining possible effects on the DISN, customer networks & other organizations

 
Sustain:

  • Review threat data from various sources & aid in the development of custom signatures for Open Source & COTs IDS
  • Provide CND server admin & maintenance of the EMS workstations, servers, intrusion detection systems, and other associated equipment
  • Assess server security posture
  • Ensure security plan compliance
  • Ensure configuration changes do not adversely impact the server security
  • Perform NA-related audits & logging
  • Implement Vulnerability Mgmt System (VMS) and IAVA compliance
  • Monitor servers
  • Provide user administration & logistics support
  • Install, configure & monitor CND security-relevant network components
  • Ensure that C&A reqs are satisfied; manage reqs for class & unclass networks
  • Perform infrastructure monitoring and performance assessment & new req analysis and support For new equipment: order, inspect & inventory the equipment; determine outside support installation reqs; update equipment security information
  • Maintain the Integrated Configuration & Tracking System (ICATS) & other configuration databases, ensure security posture integrity during system outages, coordinate configuration changes with the DAA for changes in security posture or status, and maintain security documentation for HW & SW baselines & maintenance logs

 
Protect:

  • Provide support to serviced components & appropriate Government oversight entities by implementing DoD-wide Red Team: notifications, reports, assessments, coordination, information collection, performance measurement, reqs identification, & feedback
  • Monitor the implementation of IAVAs
  • De-conflict component & information specific IAVA guidance

  

Minimum Qualifications

  • Hold DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent)
  • Ability to obtain Certified Ethical Hacker certification (or equivalent GCIA) within 90 days of start date.  Strongly preferred if candidate already has this certification.
  • Must hold TS-SCI clearance to start.  Must be able to successfully pass Yankee White clearance process to continue employment
  • Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
  • Willing to perform shift work which may include weekends or non-standard work hours.

Education

  • Preferred to have Bachelor’s in Engineering, Computer Science, IT management OR sufficient technical certifications and experience in lieu of a degree.

Security Clearance

  • Position requires an active, in-scope TS/SCI clearance and the ability to obtain final adjudication for Yankee White

 

To Apply: We invite you to put your talents to work by joining a growing team of dynamic professionals here at Trace Systems! Be part of a culture at our leading edge company where you can achieve great things while fostering a satisfying and rewarding career progression. Please apply directly through the website at: www.tracesystems.com.      #jointracesystems
 
 
For any additional questions or to submit any referrals, please contact rrobertson@tracesystems.com
 
 
Trace Systems is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.