McLean Intelligent Workforce

Incident Response Analyst

McLean Intelligent Workforce, Alexandria, Virginia, US, 22350


Job Description:

Respond to threats of varying sophistication targeting Pentagon networks and resources.
Perform Digital Forensics and Incident Response (DFIR) investigations using commercial, open-source, and custom tools.
Perform NetFlow and PCAP analysis of network traffic.
Report and present on threats targeting the Pentagon network.
Validate findings from third-party assessments of Pentagon networks.
Assist with evaluating existing defensive capabilities and recommend adjustments and improvements.
Provide feedback and expert opinion on new and existing toolsets (EDR, etc.).
Interact with other SOC/CSSP/Intelligence organizations in the community through regular meetups.

Clearance:

TS/SCI eligible

Years of Experience Desired:

6+ years of incident analysis experience in a DoD or IC environment

Education/Certifications Required:

Bachelor's degree in a relevant field preferred
DoD 8570 IAT Level II certification
Any one CND Analyst certification (CEH, Sec+, CND-IR, GCIA, or GCIH)

Required Experience:

Active Top Secret clearance with SCI eligibility
Current DoD 8570 IAT Level II certification (Security+)
Current DoD 8570 CSSP Incident Responder certification (CEH, CFR, CCNA Cyber Ops, CySA+, GCFA, GCIH, SCYBER, or CHFI)
BS degree in a technical field (4+ years of incident response experience in lieu of a degree)
8+ years of incident and malware analysis experience within a DoD or IC environment
Ability to interpret and write network- and host-based signatures (YARA, Snort, Sigma, etc.)
Demonstrated knowledge of the Cyber Kill Chain and the MITRE ATT&CK framework
Demonstrated working knowledge of common network protocols (HTTP, TLS, DNS, SMTP, FTP, SSH, SNMP, etc.) and analysis techniques
Demonstrated working knowledge of common threat actor tactics, techniques, and procedures (TTPs)
Demonstrated working knowledge of Windows and Linux internals
Demonstrated working knowledge of Active Directory security fundamentals
Demonstrated working knowledge of network security fundamentals
Demonstrated awareness of common threat actor TTPs and defensive mechanisms to include.

Desired Skills:

In-depth knowledge of CJCSM 6510.01B and experience in DoD/IC/Federal Government Defensive Cyber Operations
Automation/programming experience (PowerShell, Python, Go, etc.)
One of the following certifications or an equivalent certification: CFCE, GCFE, GCFA, GCTI, GNFA, GREM, GPEN, GDAT, OSCP
Experience with various cloud solutions (Office 365, AWS, Azure, Salesforce)
Excellent verbal and written communication skills
Basic skills to prepare documents and reports using Microsoft Office products (Word, Excel, PowerPoint)
Strong ability to work in a team environment as well as independently
Ability to work with diverse, integrated, deliverable-driven teams to accomplish the larger mission
Strong personal initiative, a strong desire to grow technically and professionally, and an outstanding attitude to ensure customer success
Experience working on a cross-functional team
