Overview: We are looking to add a Senior Incident Handling Analyst to our team in Arlington, VA.
Clearance Requirements: This position requires a Top Secret clearance with SCI eligibility. Preference will be given to those with TS/SCI and CI polygraph. Candidates who do not meet these clearance requirements will not be considered; therefore, all viable applicants should be U.S. citizens.
Responsibilities:
- Respond to threats of varying sophistication targeting Pentagon Networks and resources
- Perform Digital Forensics & Incident Response (DFIR) investigations using commercial, open source, and custom tools
- Perform Netflow and PCAP analysis of network traffic
- Report and present on threats targeting Pentagon Networks
- Validate findings from third party assessments of Pentagon Networks
- Assist with evaluating existing defensive capabilities and recommend adjustments and improvements
- Provide feedback and expert opinion on new and existing toolsets (EDR, etc.)
- Interact with other SOC/CSSP/Intelligence organizations in the community through regular meetups
Qualifications:
- Bachelor’s degree in an IT-related field or equivalent experience
- 6+ years of experience deploying various network defense tools (i.e., IDS, IPS, Packet Capture, Flow, Session, SIEM, Proxy, Web Content Filtering, SSL Decryption)
- DoD 8570 IAT Level II CND Analyst certification
- Familiarity with ArcSight/ID/IP/Splunk