Kforce Computer Network Defense / Incident Response Analyst in Arlington, Virginia

Kforce has a client seeking a Computer Network Defense / Incident Response Analyst in Arlington, VA.

Key Role:

  • Provide Cyber threat risk assessments and real-time threat mitigation and countermeasure options, including course of action planning and execution

  • Actively monitor threat reporting and tune sensors and computer network defense tools to detect and prevent those threats from impacting the organization's systems and networks

  • Develop network and host-based signatures to detect and prevent historic, current, emerging, and anticipated advanced persistent Cyber threats, tools, and methodologies

  • Analyze high-threat software and system vulnerabilities in order to build signatures and countermeasures to detect and prevent exploitation of those vulnerabilities

  • Develop comprehensive strategies for applying security concepts and techniques to systems to increase confidentiality, integrity, and availability in the face of persistent and sophisticated Cyber threats

  • Evaluate Cyber threat in foreign countries and brief selected travelers on the threat and recommended countermeasures

  • Analyze network logs and alerts for possible patterns of previously detected and new advanced persistent threats

  • BS degree in CS, Engineering, Mathematics, or Business

  • 5 years of experience in IA as it relates to operational testing, incident response, and computer network defense

  • 5 years of experience with network attack patterns, detection techniques, trends, threat actors, and techniques for defending a network against attacks

  • Experience with conducting active hunting for network intrusion on a network involving manual packet capture analysis, DNS log review, open source, and closed source intelligence analysis

  • Experience with creating detailed reports on attack trends and recommended mitigations that are suitable for both senior leaders and technical audiences

  • Experience with gathering, analyzing, and implementing defenses against Indicators of Compromise (IOC) gathered from open forums, closed forums, mailing lists, and directed research

Additional Qualifications:

  • 5 years of experience in one or more of the following areas:

  • IA metrics, data collection methodologies, data collating, and reporting in an operational testing environment

  • Mandiant Incident Response (MIR), FireEye, Cisco WebProxy, Splunk, Bro IDS, Solara, Wireshark, and other open or closed source network defense tools or products

  • Vulnerability assessments, results analysis, and recommended risk mitigation solutions

  • Forensic investigation of network intrusion and recreating an incident from information gathered on compromised systems using tools, including EnCase

  • Incident response, including preparation, detection, containment, eradication, recovery, and follow-up

  • Certification as a Security professional at the DOD 8570 IAT-II level

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Compensation Type: Hours