Computer Network Defense & Incident Response Analyst
- Full-Time
- Fort Meade, MD
- Root9B
- Posted 3 years ago – Accepting applications
At root9B we are information security veterans impassioned in the defense of Corporate America. We're trailblazers, breaking new ground with our unique approach focused on Active Adversary Pursuit and tailored cyber operations. root9B's executive team and advisory board members are the leaders in the areas of cyber security, national security, and risk mitigation. Together, this team guides our company with a combination of security expertise, organizational management, and global perspective that is unmatched in the industry. Manned Cyber Security - we know who's in your network.
Responsibilities
- Perform CND incident triage, to include determining, urgency, and potential impact; identifying the specific vulnerability; and making written recommendations that enable expeditious remediation.
- Utilize forensically sound collection techniques of images and inspect to discern mitigation/remediation on enterprise systems.
- Perform real-time CND incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) to support deployable Incident Response Teams (IRTs).
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts and track and document CND incidents from initial detection through final resolution.
- Employ approved defense-in-depth principles and practices (e.g., defense-in- multiple places, layered defenses, and security robustness).
- Collect intrusion artifacts (e.g., source code, malware, and trojans), and use discovered data to enable mitigation of potential CND incidents within the enterprise.
- Monitor external data sources (e.g., computer network defense vendor sites, Computer Emergency Response Teams, Storage Area Networks (SANs), Security Focus), update the CND threat condition, and determine which security issues may have an impact on the enterprise.
- Analyze log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security, and perform command and control functions in response to incidents.
- BS or MS Degree in Cyber Security related field.
- IAT level III certification
- 8+ years of recent Cyber Operations experience
- An active and maintained TS/SCI clearance with poly is required
root9B is an equal opportunities employer and VEVRAA Federal Contractor. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.