Network Systems Analyst - II - NBA

Network Based Systems Analyst II

Solutions³ LLC is supporting our prime contractor and their U.S. Government customer on a large mission critical development and sustainment program for on‑site and off‑site incident response to Government agencies and critical infrastructure owners who experience cyber‑attacks. Solutions³ LLC provides advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network‑based cybersecurity analysis capabilities.

Solutions³ LLC is seeking a Network Based Systems Analyst II to support this critical mission by performing investigations to characterize the level of severity of breaches and developing mitigation/remediation plans.

• Must be a US Citizen
• Must have an active TS/SCI clearance
• Must be able to obtain DHS Suitability prior to starting employment
• 2+ years of directly relevant experience in cyber defense analysis using leading‑edge technologies and industry‑standard cyber defense tools

• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
• Coordinate with enterprise‑wide cyber defense staff to validate network alerts
• Document and elevate incidents (including event history, status, and potential impact) that may cause ongoing and immediate impact to the environment
• Perform cyber defense trend analysis and reporting
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
• Provide daily summary reports of network events and activity relevant to cyber defense practices
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of alerts
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
• Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information
• Identify and analyze anomalies in network traffic using metadata
• Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
• Identify applications and operating systems of a network device based on network traffic
• Reconstruct a malicious attack or activity based off network traffic
• Identify network mapping and operating system (OS) fingerprinting activities
• Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave

• Experience successfully developing and deploying signatures
• Experience detecting host and network‑based intrusions via intrusion detection technologies (e.g., Snort)
• Experience implementing incident handling methodologies
• Experience implementing protocol analyzers
• Experience collecting data from a variety of cyber defense resources
• Experience reading and interpreting signatures (e.g., Snort)
• Experience performing packet‑level analysis
• Experience conducting trend analysis

• Python programming experience
• Strong math and science background
• Experience with Carnegie Mellon SiLK tool suite

• One or more of the following professional certifications: GNFA, GCIH, GCIA, GSEC, CASP+, CySA+, PaLMS, FedVTE
• GSEC (SANS 401), Arcsight (or other SEIM solution), Network+, Security+

BS in Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma and 4+ years of network investigations experience.

Provide the level of Security Clearance you currently hold.