Z FEDERAL

Cyber Defense Analyst

Z FEDERAL, Washington, District of Columbia, US, 20022


CYBER DEFENSE ANALYST - Mid — Z FEDERAL is seeking a mid-level Cyber Defense Analyst to support a full range of cyber security services on a contract in Washington DC. The position is full-time/permanent and will support a U.S. Government civilian agency. The position is onsite at the client site. Security Clearance Requirement: Active Secret clearance.

Responsibilities

- Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
- Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
- Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
- Perform cyber defense incident triage, including determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
- Perform cyber defense trend analysis and reporting.
- Perform initial, forensically sound collection of images and inspect them to discern possible mitigation/remediation on enterprise systems.
- Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
- Track and document cyber defense incidents from initial detection through final resolution.
- Employ approved defense-in-depth principles and practices (e.g., defense in multiple places, layered defenses, security robustness).
- Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
- Coordinate with intelligence analysts to correlate threat assessment data.
- Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of the cyber defense threat condition and determine which security issues may have an impact on the enterprise.
- Coordinate incident response functions.

Qualifications/Requirements

- Bachelor's degree
- 5+ years' experience in malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, and leading incident handling
- Must have, or be able to obtain within 3 months, one of the following certifications: CERT CSIH, ECC CEH, GIAC GCIH, GIAC GISF, or ISC2 CISSP
- Strong written and verbal communication skills
- Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation-state sponsored, and nation sponsored)
- Knowledge of system administration, network, and operating system hardening techniques
- Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
- Ability to apply techniques for detecting host- and network-based intrusions using intrusion detection technologies
- Demonstrated ability to interact effectively with senior management and leadership
- Ability to design incident response for cloud service models
- Knowledge of incident categories, incident responses, and timelines for responses
- Knowledge of incident response and handling methodologies
- Knowledge of common networking and routing protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications
- Knowledge of application security risks (e.g., OWASP Top 10 list)

Additional Experience Preferred

- Experience in detecting host- and network-based intrusions via intrusion detection technologies (e.g., Snort)
- Experience identifying, capturing, containing, and reporting malware
- Certification requirements as above (CSIH, CEH, GCIH, GISF, CISSP)
- Skill in preserving evidence integrity according to standard operating procedures or national standards
- Strong experience securing network communications
- Recognizing and categorizing types of vulnerabilities and associated attacks
- Skill in protecting a network against malware (e.g., NIPS, anti-malware, device restrictions, spam filters)
- Experience performing damage assessments
- Skill in using security event correlation tools and designing incident response for cloud service models
- Desirable certifications address incident handling, network and system attacks, detection, and related topics

About Z FEDERAL

Z FEDERAL is a professional services firm located in Greenbelt, MD. Founded in 1983 to provide IT and management consulting services to the Federal Government, we have established a proven track record of reliable performance in the Federal marketplace. Z FEDERAL has a history of long-term commitment to our Federal customers and our employees.

Benefits

- Self-directed 401K and annual company match
- Up to four weeks of paid time off (PTO)
- 11 paid federal holidays
- Other forms of leave such as bereavement, jury duty, and military leave
- Full health benefits: Medical and Vision, Dental (employee-paid)
- Life Insurance
- Short and Long Term Disability, AD&D Insurance
- Flexible Spending Account (Medical and Dependent Care)
- Performance-based bonuses
- Tuition Reimbursement
- Incentive and referral bonuses
- Commuter benefits
- Professional Development and Training
- Years of Service Reward and Recognition Program
