Cyber Defense Analyst - Senior

30 Nov 2024

Vacancy expired!

ECS is a federal contractor. As such, we are subject an Executive Order requiring all employees of federal contractors to be fully vaccinated for COVID-19 by December 8, 2021. Therefore, by applying for this position, you understand that you will be required to verify that you have been, or will be, fully vaccinated by December 8, or to verify that you cannot be vaccinated due to a legally recognized exception to the vaccine mandate set forth in the Executive Order. Note: An individual is not considered to be fully vaccinated until two weeks after receiving the second vaccine dosage in a vaccine regimen involving two vaccines. The above does not apply to personnel applying to United States Postal Service positions, however, as an ECS employee you will be required to complete the ECS COVID-19 survey to be compliant with Executive Order 14024.

ECS is seeking a

Cyber Defense Analyst - Senior to work in our

Suitland, MD office.

Job Description:
  • Develop content for cyber defense tools.
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Coordinate with enterprise-wide cyber defense staff to validate network alerts.
  • Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Perform cyber defense trend analysis and reporting.
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
  • Identify and analyze anomalies in network traffic using metadata.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
  • Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.

Required Skills:
  • Bachelor's degree or higher
  • Active TS/SCI clearance
  • 6+ years' experience in Network/data analysis, packet capture analysis, malware detection, custom intrusion signature development, advanced information assurance
  • Certifications addressing incident handling (identification, overview, and preparation) buffer overflow, client attacks, covering tacks (networks, systems), denial of service attaches, incident handing (containment, eradication, recovery, and lessons learned), network attacks, password attacks, reconnaissance, scanning (discovery and mapping, techniques and defense), session hijacking and cache poisoning, techniques for maintaining access, web applications attacks, worms, bots, and bot-nets
  • Strong written and verbal communication skills.
  • Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
  • Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
  • Knowledge of incident response and handling methodologies.
  • Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
  • Experience with system administration, network, and operating system hardening techniques.
  • Knowledge of cyber defense and information security policies, procedures, and regulations.
  • Knowledge of the common attack vectors on the network layer.
  • Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
  • In-depth understanding of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
  • Knowledge of various types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).
  • Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip).
  • Knowledge of front-end collection systems, including traffic collection, filtering, and selection.

Desired Skills:
  • Experience in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
  • Ability to analyze malware and conduct vulnerability scans and recognize vulnerabilities in security systems.
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • Experience evaluating the adequacy of security designs.
  • Skill in using incident handling methodologies.
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Experience with using protocol analyzers and collecting data from a variety of cyber defense resources.
  • Experience reading and interpreting signatures (e.g., snort).
  • Experience with assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.)
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans. ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

  • ID: #23651973
  • State: Maryland Suitland 20746 Suitland USA
  • City: Suitland
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2021-11-30
  • Deadline: 2022-01-28
  • Category: Et cetera