Overview: Job Title: Cyber Network Defense (CND) Analyst Job Location: Bolling AFB - Washington, DC Security Clearance: TS/SCI - will need to get final adjudication for Yankee White Certification: Current IAT Level II (Security+ce, CCNA Security, etc.) certification. Ability to obtain DoD-8570 CSSP Analyst certification (Certified Ethical Hacker or equivalent) within 180 days of start date. Due to the nature of the work and contract requirements, US Citizenship is required. Job Responsibilities: Trace Systems is actively searching a Cyber Network Defense (CND) Analyst to monitor the Presidential IT Community (PITC) network using Splunk and customer provided cybersecurity tools to identify system threats and security events. Analyze events and recommend appropriate courses of action to mitigate threats and reduce risks. Coordinate with customer/DoD analysts, Executive Office of the President (EOP) analysts, and other internal and external organizations as directed by customer leadership. Established SOPs, and contribute to the improvement of our Tactics, Techniques and Procedures (TTPs), including operating procedures; data searches, extractions, and analysis; and dashboard presentation of event data. CND Team duties include but are not limited to:
Detect: * Employ advanced forensic tools & techniques for network attack reconstruction * Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of the PITC network * Correlate actionable security events to aid in the identification of threat trends and possible Advanced Persistent Threats * Document events in the customer's ticketing system per established SOPs Response: * Advise customer leadership, CND engineering/tool support, and other SOC analysts on a strategy to mitigate specific incidents and trending threats * Interface with WHCA enterprise support teams such as system admins, network admins and IA as required to investigate and/or resolve incidents and issues * Participate in the coordination of resources during enterprise incident response efforts * Interface with external entities including Secret Service, intelligence community and other government agencies as required Sustain: * Provide support if needed for the development, implementation, integration, management, and sustainment of sensor and sensor support technologies * Support efforts to meet program Acceptable Levels of Performance as they relate to response time, action item tracking and security incidents, as these apply to specific responsibilities assigned to the analyst Minimum Qualifications: * An active CompTIA Security+CE certification or equivalent * Ability to obtain DoD-8570 CSSP Analyst certification (Certified Ethical Hacker or equivalent) within 180 days of start date. Strongly preferred if candidate already has this certification. * Must currently hold a TS/SCI clearance to be considered, and qualify for Presidential Support Duty (successfully pass Yankee White approval process) to start * Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements. * Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain. * Willing to perform shift work, including weekends and non-standard work hours. Desired Qualifications: * CND experience (Detect, Respond, Sustain, and Hunt) within a Computer Incident Response organization. * Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs). * Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements. * Demonstrated hands-on experience analyzing network and log data (e.g. PCAP), and other attack artifacts in support of incident investigations. * In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk). * Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics. * Experience with malware analysis concepts and methods. * Scripting and programming experience (Powershell; Bash/PERL/Python scripting) * Motivated self-starter with strong written and verbal communication skills. Education: * Preferred to have Bachelor's in Engineer, Computer Science, IT management OR sufficient technical certifications and experience Trace Systems Trace Systems, headquartered in Vienna, Virginia, was founded to support and defend our nation's security interests at home and abroad-- whenever and wherever. We provide cybersecurity, intelligence, communications, networking and information technology services, systems, and solutions to the United States Department of Defense, Intelligence Community and Department of Homeland Security. To Apply: We invite you to put your talents to work by joining a growing team of dynamic professionals here at Trace Systems! Be part of a culture at our leading edge company where you can achieve great things while fostering a satisfying and rewarding career progression. Please apply directly through the website at: www.tracesystems.com . #jointracesystems For any additional questions or to submit any referrals, please contact Trace Systems is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Find your favorite job now by visiting our jobs page