Jacobs Senior Computer Network Defense (CND) Analyst - TS/SCI w/poly in Columbia, Maryland
“Jacobs National Security Solutions (NSS) provides world-class IT network and service management capabilities; cutting-edge cyber threat awareness and cybersecurity solutions; innovative web and software application development; and advanced data analytics for major clients in the Intelligence Community, Department of Defense, and Federal Civilian Agencies.
Our forward-thinking solutions deliver an integrated approach to IT network design and management, full-lifecycle IT service management, IT service delivery, asset management, logistics and procurement, and vendor management. We leverage the expertise and passion of our employees to conduct identity and access management, penetration testing, and vulnerability assessments for our nation’s most closely guarded agencies and networks. Our Cyber Security Operations Centers ensure safe, effective network operations for Federal clients, while our data scientists are helping stop illegal acts before they can endanger Americans or our way of life.
Jacobs promotes a culture of operational excellence to create a safer, smarter, and more connected world while upholding the highest standards of compliance, quality and integrity.
We continue to thrive and need your talent and motivation to help propel us farther, faster.”
Jacobs is currently seeking a Senior Computer Network Defense (CND) Analyst to provide the following Insider Threat Hunting Operations tasks in support of the customer's networks, systems, and applications:
- Conduct big data analysis of network traffic and the cloud to detect unauthorized intrusions and/or insider activity.
- Discover and characterize network and platform anomalies, including cross-domain violations, and conduct analysis and report generation.
- Monitor, identify and analyze anomalous network activities on various networks.
- Conduct multi-source threat analyses to examine host behaviors and network traffic for high-priority malicious attacks, anomalous traffic, or other incidents of interest, generating and providing reports as appropriate.
- Integrate Cyber Threat Intelligence to inform the customer of newly discovered threats and vulnerabilities associated with the technologies used in the enterprise, for the purpose of developing hunt analytics. Any shareable vulnerability information will be made available for traditional tipping and alerting to the broader customer base.
- Monitor adversarial capabilities, exploits, vulnerabilities, mitigation techniques, and best-practice information and guidance through all-source research.
- Identify areas for deeper-dive analysis of threats and vulnerabilities.
- Examine network topologies to understand data flows through networks and provide mechanisms to tip countermeasures.
- Employ analysis and tools to discover new threat actors.
- Implement the applicable reporting guidelines outlined in applicable directives and guidance.
- Conduct the research and planning required for strategy development in response to real-time operational requirements.
- Identify and document gaps in all data (e.g., netflow, syslog, etc.) that affect the customer mission in order to determine how to better posture mission capabilities.
- Develop, document and synchronize the recommendations and the tasking of signature and rule sets across all sensors (e.g., IDS, FW, etc.) used by the customer.
- Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or a related field, or equivalent experience, plus twelve (12) years of directly related experience, or any equivalent combination of education, experience, training and certifications.
- A Master’s Degree in Computer Science, IT Engineering or a related field of study may be substituted for six years of experience.
- Demonstrated knowledge of systems configuration and management of firewalls, IDS, servers and workstations.
- Ability to correlate incident data to identify specific vulnerabilities and make recommendations that enable remediation.
- Knowledge of incident categories, incident responses, and timelines for responses.
- Experience with collecting data and reporting results; handling and escalating security issues or emergency situations appropriately; and providing incident response capabilities to isolate and mitigate threats to maintain the confidentiality, integrity, and availability of protected data.
- Demonstrated experience supporting external investigations.
- Good communication and presentation skills.
- Familiarity with software development and network operations concepts and methodologies.
- Advanced knowledge of information systems security concepts and technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and computer forensic tools such as EnCase and open source alternatives.
- Advanced knowledge of and experience with the Windows and Linux operating systems.
- Working knowledge of and experience in investigating malicious code.
- Demonstrated ability to apply technical and analytical skills in a security environment.
- Ability to work extremely well under pressure while maintaining a professional image and approach.
- Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause.
- Strong analytical writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports.
- Active TS/SCI with current polygraph.
- Experience in training Tier I and Tier II incident response analysts to better recognize anomalous traffic and proper incident triage behaviors.
- Tier III Analyst experience: network analytics, incident investigations, reverse engineering and malware analysis, task prioritization.
- Strong comfort level with IPv4, TCP/IP, and RFC data, low-level networking and protocols, TCP/UDP ports for applications, and an understanding of what is normal/abnormal endpoint and on-wire activity.
- Knowing how to string data together, what questions to ask, and what activities will point to a target that we care about.
- Ability to think “outside the box” and not be willing to settle for conventional wisdom.
- Experience in a cloud environment using cloud analytics and Pig scripts/jobs to present data, and using the Hadoop Distributed File System.
- Use of SIEMs or scripting to pull data into usable formats. Notification sources are antivirus, HIDS, NIDS, IPS, and firewalls.
- Experience with wireless and SCADA is a plus.
- Working at a computer or desk (Considerations: Sitting, Eyes, Hands)
- May involve long periods of sitting
- An inside office environment (Considerations: Closed quarters, lighting, and temperature fluctuations)
- Needs to be able to work well with and support co-workers and clients
- Needs to have clear, concise and accurate communication skills
Equipment and Machines:
- Standard office equipment and machines, computer workstation
- Punctuality and regular attendance are necessary to meet deadlines
- Regular attendance is necessary and required
Other Essential Functions:
- Must be able to communicate effectively
- Must demonstrate professional behavior at all times when dealing with clients, management and employees
- Grooming and dress must be appropriate for the position and must not impose a safety risk to the employee or others
- Must be able to support and work in a proactive team environment
- Must hold the safety of yourself and those around you as the number one priority in the workplace
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. Jacobs is a background screening, drug-free workplace.
Primary Location: United States-Maryland-Columbia
Req ID: I2S0003AQ