Jacobs Senior Computer Network Defense (CND) Analyst - TS/SCI w/poly in Columbia, Maryland

Senior Computer Network Defense (CND) Analyst - TS/SCI w/poly

Description

“Jacobs National Security Solutions (NSS) provides world-class IT network and service management capabilities; cutting edge cyber threat awareness and cybersecurity solutions; innovative web- and software applications development; and advanced data analytics for major clients in the Intelligence Community, Department of Defense, and Federal Civilian Agencies.

Our forward thinking solutions deliver an integrated approach to IT network design and management, full lifecycle IT service management, IT service delivery, asset management, logistics and procurement, and vendor management. We leverage the expertise and passion of our employees to conduct identity and access management, penetration testing, and vulnerability assessments for our nation’s most closely guarded agencies and networks. Our Cyber Security Operations Centers ensure safe, effective network operations for Federal clients while our data scientists are helping stop illegal acts before they can endanger Americans or our way of life.

Jacobs promotes a culture of operational excellence to create a safer, smarter, and more connected world while upholding the highest standards of compliance, quality and integrity.

We continue to thrive and need your talent and motivation to help propel us farther, faster.”

Jacobs is currently seeking a Senior Computer Network Defense (CND) Analyst to provide the following Insider Threat Hunting Operations tasks in support of the customer's networks, systems, and applications:

  • Conduct big data analysis of network traffic and the cloud to detect unauthorized intrusions and/or insider activity

  • Discover and characterize network and platform anomalies, including cross-domain violations, and conduct analysis and report generation.

  • Monitor, identify and analyze anomalous network activities on various networks.

  • Conduct all multi-source threat analyses to examine host behaviors and network traffic for high priority malicious attacks, anomalous traffic, or other incidents of interest, generating and providing reports as appropriate.

  • Integrate Cyber Threat Intelligence to inform the customer of newly discovered threats and vulnerabilities associated with the technologies used in the enterprise, for the purpose of developing hunt analytics. Any shareable vulnerability information will be made available for traditional tipping and alerting to the broader customer base.

  • Monitor adversarial capabilities, exploits, vulnerabilities, mitigation techniques, and best practices information and guidance through all-source research.

  • Identify areas for deeper dive analysis of threats and vulnerabilities.

  • Examine network topologies to understand data flows through networks and provide mechanisms to tip countermeasures.

  • Employ analysis and tools to discover new threat actors.

  • Implement the applicable reporting guidelines outlined in applicable directives and guidance.

  • Conduct research and planning required for strategy development in response to real-time operational requirements.

  • Identify and document gaps in all data (e.g., netflow, syslog, etc.) that affect the customer mission in order to determine how to better posture mission capabilities.

  • Develop, document and synchronize the recommendations and the tasking of signature and rule sets across all sensors (e.g., IDS, FW, etc.) used by the customer.


Qualifications

Basic Qualifications:

  • Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus twelve (12) years of directly related experience or any equivalent combination of education, experience, training and certifications.

  • A Master’s Degree in Computer Science or IT Engineering or related field of study may be substituted for six years of experience

  • Demonstrated knowledge of systems configuration and management of firewalls, IDS, servers and work stations

  • Ability to correlate incident data to identify specific vulnerabilities and make recommendations that enable remediation

  • Knowledge of incident categories, incident responses, and timelines for responses

  • Experience with collecting data and reporting results; handling and escalating security issues or emergency situations appropriately; providing incident response capabilities to isolate and mitigate threats to maintain confidentiality, integrity, and availability for protected data

  • Demonstrated experience supporting external investigations

  • Good communication and presentation skills

  • Familiarity with software development and network operations concepts and methodologies

  • Advanced knowledge of information systems security concepts and technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and computer forensic tools such as EnCase and open source alternatives

  • Advanced knowledge and experience with the Windows and Linux operating systems

  • Working knowledge of and experience in investigating malicious code

  • Demonstrated ability to apply technical and analytical skills in a security environment

  • Ability to work extremely well under pressure while maintaining a professional image and approach

  • Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause

  • Strong analytical writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports

  • Active TS/SCI with current polygraph

Additional Qualifications:

  • Experience in training Tier I and Tier II incident response analysts to better recognize anomalous traffic and proper incident triage behaviors

  • Tier III Analyst experience, Network Analytics, Incident Investigations, Reverse Engineering and Malware Analysis, Task Prioritization

  • Strong comfort level with IPv4, TCP/IP, and RFC data, low level networking and protocols, TCP/UDP Ports for Apps, and understanding of what is normal/abnormal endpoint and on-wire activity

  • Knowing how to string together data, what questions to ask, what activities will point to a target that we care about

  • Ability to think “outside the box” and not willing to settle for conventional wisdom

  • Experience in Cloud Environment using cloud analytics and PIG scripts/jobs to present data and using the Hadoop Distributed File System

  • Use of SIEMs or scripting to pull data into usable formats. Notification sources are Antivirus, HIDS, NIDS, IPS, and Firewalls

  • Experience with Wireless and SCADA is a plus

Essential Functions:

Physical Requirements:

  • Working at a computer or desk (Considerations: Sitting, Eyes, Hands)

  • May involve long periods of sitting

Work Environment:

  • An inside office environment (Considerations: Closed quarters, lighting, and temperature fluctuations)

  • Needs to be able to work well with and support co-workers and clients

  • Needs to have clear, concise and accurate communication skills

Equipment and Machines:

  • Standard office equipment and machines, computer workstation

Attendance:

  • Punctuality and regular attendance are necessary to meet deadlines

  • Regular attendance is necessary and required

Other Essential Functions:

  • Must be able to communicate effectively

  • Must demonstrate professional behavior at all times when dealing with clients, management and employees

  • Grooming and dress must be appropriate for the position and must not impose a safety risk to the employee or others

  • Must be able to support and work in a proactive team environment

  • Must hold the safety of yourself and those around you as the number one priority in the workplace

Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. Jacobs is a background screening, drug-free workplace.

Primary Location United States-Maryland-Columbia

Req ID: I2S0003AQ