Network Systems Analyst IV

Title:
Network Based Systems Analyst IV

Description:

Solutions³ LLC is supporting our prime contractor and their U.S. Government customer on a large mission-critical development and sustainment program for on and offsite incident response to Government agencies and critical infrastructure owners experiencing cyber-attacks. Solutions³ LLC provides advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation using host and network-based cybersecurity analysis capabilities.

Solutions³ LLC is seeking a Network Based Systems Analyst IV to support this critical mission by providing frontline response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity.

Eligibility:

• Must be a US Citizen
• Must have an active TS/SCI clearance
• Must be able to obtain DHS Suitability prior to starting employment
• 8+ years of directly relevant experience in network investigations

Responsibilities Include:

• Assist the Government lead in coordinating teams in preliminary incident response investigations
• Assist the Government lead with interfacing with the customer on site
• Determine appropriate courses of action in response to identified and analyzed anomalous network activity
• Assess network topology and device configurations, identify critical security concerns, and provide security best practice recommendations
• Assist with writing and publishing Computer Network Defense guidance and reports on incident findings
• Collect network intrusion artifacts (e.g., PCAP, domains, URIs, certificates) and use discovered data for mitigation
• Analyze malicious network activity to determine exploited weaknesses, methods, and effects
• Provide technical briefings as required
• Assist with real-time CND incident handling tasks such as forensic collections, intrusion correlation, threat analysis, and system remediation

Required Skills:

• In-depth knowledge of CND policies, procedures, and regulations
• In-depth knowledge of standard protocols – ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, TCP/IP
• In-depth knowledge and experience of Wi-Fi networking
• In-depth knowledge of network topologies - DMZs, WANs, etc.
• Substantial knowledge of Splunk (or other SIEMs)
• Understanding of MITRE ATT&CK
• Knowledge of Computer Network Defense policies, procedures, and regulations
• Knowledge of defense-in-depth principles and attack stages related to network security architecture
• Ability to characterize and analyze network traffic to identify anomalies and threats
• Ability to analyze network traffic metadata for anomalies
• Experience reconstructing malicious activities based on network traffic
• Experience examining network topologies to understand data flows
• Ability to work collaboratively across locations

Desired

Skills:

• Knowledge of network device integrity concepts and methodologies
• Proficiency with network analysis software like Wireshark
• Proficiency with extracting information from PCAP data
• Proficiency with non-traditional network traffic analysis (e.g., C2 traffic)
• Proficiency with preserving evidence integrity
• Experience with virtualized environments

Desired

Certifications:

• DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst, GCIA, GCIH, CSSP Incident Responder, CEH
• SANS GIAC GNFA preferred

Required

Education:

BS in Computer Science, Cyber Security, Computer Engineering, or related field; or HS Diploma with 10+ years of network investigation experience.

Provide your current Security Clearance level.

Do you understand the responsibilities and skills required? Be prepared to provide examples during an interview or email them in advance.

Is the location within 2 hours of the site? The prime will not accept anyone farther away.

The client requires their own suitability process, which could take 4-6 weeks. Would this inhibit your progress?

If referred by a Solutions³ team member or partner, please indicate here: