Cyber Network Security Analyst at Peraton Arlington, VA

Cyber Network Security Analyst job ington, VA.Program Overview About The Role

Peraton is hiring a Cyber Network Security Analyst for its' Federal Strategic Cyber programs.

Location:
Arlington, VA

As the world’s leading mission capability integrator and transformativeenterprise IT provider, Peraton delivers trusted and highly differentiated national security solutions and technologies that keep people safe and secure. We serve as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets.

In this role, you will:

• Perform technical analysis on a wide range of cybersecurity issues, with a focus on network activity and data; this includes, but is not limited to network flow (i.e., Net Flow) or related forms of session summary data, signature-based IDS alert/event data, full packet capture (PCAP) data, proxy, and application server logs (various types).
• Triage IDS alerts, collect related data from various network analysis systems, review available open and closed source information on related threats & vulnerabilities, diagnose observed activity for likelihood of system infection, compromise, or unintended/high-risk exposure.
• Prepare analysis reports detailing background, observables, analysis process & criteria, and conclusions.
• Analyze large volumes of network flow data for specific patterns/characteristics or general anomalies, to trend network activity and to correlate flow data with other types of data or reporting regarding enterprise-wide network activity.
• Leverage lightweight programming/scripting skills to automate data-parsing and simple analytics.
• Document key event details and analytic findings in analysis reports and incident management systems.
• Identify, extract, and characterize network indicators from cyber threat intelligence sources, incident reporting and published technical advisories/bulletins.
• Assess cyber indicators/observables for technical relevance, accuracy, and potential value/risk/reliability in monitoring systems.
• Recommend detection and prevention/mitigation signatures and actions as part of a layered defensive strategy leveraging multiple capabilities and data types.
• Develop IDS signatures, test, and tune signature syntax, deploy signatures to operational sensors, and monitor and tune signature and sensor performance.
• Fuse open-source threat & vulnerability information with data collected from sensors across the enterprise into cohesive and comprehensive analysis.
• Provide technical assessments of cyber threats and vulnerabilities.
• Communicate and collaborate with analysts from other SOC organizations to investigate cyber events.
• Produce final reports and review incident reports from junior analysts.
• Monitor and report on trends and activity on network sensor platforms.
• Produce and update technical analysis documentation (processes, procedures, analysis criteria, report templates, etc.).

#CISA

Minimum Requirements Are:

• 6 years related technical experience.
• Working knowledge of security concepts, protocols, processes, architectures, and tools (vulnerabilities, threats and exploitation, authentication & access control technologies, threat intelligence data and sources, WHOIS and DNS referential data and sources, intrusion detection/prevention capabilities, network traffic analysis, SIM technology, incident handling, media/malware analysis, etc.).
• Working knowledge of networking concepts, protocols, and architectures (OSI-model, TCP/IP, major application protocols such as DNS/ LAN/WANs, VPNs, routers/routing, addressing, etc.).
• Detailed knowledge of intrusion detection engines, capabilities, and signature formats in general, with a specific focus on Snort/Sourcefire variations and regular expressions (REGEX).
• Understanding of ICS systems and components that make up an ICS environment
• Know and explain the different devices and roles they have within an ICS environment
• Experience analyzing ICS Network traffic with various tools (Wireshark, Bro/Zeek, etc.)
• Knowledge of cyber policy & issues, the global cyber community, roles of major organizations how they interrelate and interact, and challenges in…