Network Defense and Security Analyst

Overview

Abacus Technology is seeking a Network Defense and Security Analyst to provide technical support for the AFCENT Network Operations and Security Center (NOSC) at Lackland AFB as part of a 24/7/365 support environment. This is a full-time position.

• Provide technical reports, meeting minutes, program plans, concepts of operations, contingency plans, and related documentation as identified for task deliverables.
• Prepare and disseminate operational reports.
• Monitor network traffic to provide event correlations of operational traffic from multiple locations to determine network security posture.
• Utilize standard/provided network tools to evaluate traffic for incident response analysis.
• Coordinate and execute JTF-GNO Information Assurance Vulnerability Alert (IAVA) notices as applicable on USCENTCOM networks/systems with the USAFCENT NOSC.
• Maintain IDS/IPS devices to ensure they are operating at optimal efficiency.
• Develop methods to detect and prevent intrusive activities utilizing new vulnerabilities and exploits.
• Assist NOSC-Cybersecurity to develop countermeasures to isolate, contain and prevent intrusive actives and secure USAFCENT/USCENTCOM networks.
• Correlate unusual and suspicious network activity across USCENTCOM.
• Validate unusual network activity unique to geographical regions and sensor locations.
• Provide an overall site-analysis profile to serve as a benchmark to identify unusual or suspicious activity.
• Assist in the compilation of Network Defense statistical and trend data, and operational event reporting, as requested by NOSC management.
• Provide site-specific and service-level intrusion packet level analysis using selected tools and activities related to mission execution; and track trends of authorized and unauthorized activity.
• Correlate unusual and suspicious network activity across USCENTCOM; and validate unusual network activity unique to geographical regions and sensor location(s).
• Document network devices and location of network devices. Provide technical information to USCENTCOM customers on devices with an emphasis on any possible security issues with them.
• Document any waivers for non-standard network configurations.
• Provide an overall site-analysis and profile for existing USCENTCOM networks and supported units to serve as a benchmark to identify unusual or suspicious activity; and research, document and report suspicious activity.
• Provide focused Network Defense tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named Network Defense operations and exercises.
• Perform cyber incident handling and support activities, including but not limited to, reporting and notifying, documenting, and coordinating: (1) detection of events; (2) preliminary analysis; (3) preliminary response action; (4) incident analysis; (5) response and recovery; and (6) post incident analysis.
• Perform network traffic analysis to evaluate intruder activities using host and network-based monitoring systems; correlate information gathered to provide effective methods to USCENTCOM domains; determine the probability of exploitation of discovered network vulnerabilities; and ensure appropriate notifications and action are taken to reduce the risk to USCENTCOM networks.
• Support USCENTCOM 24/7 Network Defense monitoring operations.
• Open and conduct network intrusion investigations to validate the unauthorized activity and determine the type and extent of activity.
• Conduct network and computer forensics on suspected and confirmed compromised USCENTCOM systems to determine the method of intrusion and corrective actions to be taken to prevent or detect similar future activities.
• Develop and implement methods to identify, contain, log, analyze and prevent intrusive activities and security vulnerabilities on automated information systems and networks; and conduct operations and develop countermeasures to isolate, contain, and prevent intrusive activities and security vulnerabilities.
• Develop and implement methods to identify, contain, log, analyze and prevent malware-based activities on automated information systems and networks, and operate, maintain and administer anti-virus tools.
• Provide AFOSI (Air Force Office of Special Investigation), Army Criminal Investigation Division (CID), Naval Criminal Investigation Service (NCIS) Network Defense technical support and expertise to assist law enforcement and counter-intelligence activities, and continue to conduct base network defense while component investigative agencies collects network evidence.
• Provide support to USCENTCOM network administrators on the installation and analysis of packet sniffers their network topology.
• Install, configure, maintain and manage the USAFCENT IDS/IPS sensor fleet, Arc Sight Enterprise Security Manager, CIDDS directors, and associated Virtual Private Network (VPN) equipment.
• Provide technical advice and assistance to the USAFCENT NOSC-Cybersecurity to resolve network issues and perform…