Lead Computer Network Defense / Incident Response Analyst

Lead Computer Network Defense / Incident Response Analyst (PENT-19-0027-F)
Bowhead is seeking a Lead Computer Network Defense (CND) / Incident Response (IR) Analyst to serve as the primary focal point to develop, execute, and maintain full-scope CND and IR operations that monitor for, detect, protect against, and respond to cyber exploitation and attack efforts against all of an organization's systems, networks, and users for a government client in Washington DC.
In support of this task, the individual will perform the following activities which include, but are not limited to:
Innovate new methods to use existing tools and data sources (and identify and obtain new data sources) to detect cyber intrusions, reducing false positives without introducing false negatives in the methodologies that are implemented.
Ensure that all alerts are monitored, interpreted, analyzed, and investigated to ensure that network intrusion attempts are detected and prevented from expanding the scope of exploitation beyond the initial detected intrusion point.
Innovate new methods to use existing tools and data sources, and identify and obtain new data sources, to prevent cyber intrusions, while always maintaining high availability of network and information services to the customer base.
Research open source and classified reporting to determine whether a given incident was related to a generic Internet threat or an advanced persistent threat, and brief the customer immediately on all persistent threat activity.
Provide cyber threat risk assessments and real-time threat mitigation and countermeasure options, as well as course of action planning and execution.
Requirements: BS in computer science, engineering, mathematics, business or related field of study from an accredited institution.
Current working knowledge of Information Assurance as it relates to operational testing, incident response, and computer network defense.
Extensive knowledge of network attack patterns, detection techniques, trends, threat actors and techniques for defending a network against these attacks.
Experience conducting active hunting for network intrusions, involving manual packet capture analysis, Domain Name System (DNS) log review, and open source and closed source intelligence analysis.
Experience creating detailed reports on attack trends and recommended mitigations that are suitable for both senior leaders and technical audiences.
Experience gathering, analyzing and implementing defenses against Indicators of Compromise (IOC) gathered from open forums, closed forums, mailing lists and directed research.
Experience leading a CND/IR team, directing investigation and creating detailed reports.
A minimum of 8 years' experience in the following areas:
a. IA metrics, data collection methodologies, data collating and reporting in an operational testing environment.
b. Mandiant Incident Response (MIR), FireEye, Cisco WebProxy, Splunk, Bro IDS, Solara, Wireshark and other open/closed source network defense tools/products.
c. Vulnerability assessments, results analysis and recommended risk mitigation solutions.
d. Forensic investigation of network intrusion and the ability to recreate an incident from information gathered on compromised systems using tools such as EnCase.
e. Incident response, e.g. preparation, detection, containment, eradication, recovery, and follow-up.
f. Certification as a Security professional at the DOD 8570 IAT-II level.
Must either be or have been determined favorably eligible for SCI within the past 23 months by the Intelligence Community.
SECURITY CLEARANCE REQUIRED: Must be able to maintain a security clearance at the Top Secret/ SCI level. US Citizenship is a requirement for Top Secret/SCI clearance at this location.
Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC's Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant's resume/application may be subject to verification.
Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes.
UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, national origin, disability, veteran status, and other protected characteristics EOE/AA/M/F/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act.
All candidates must apply online at www.uicalaska.com, and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance (http://www.uicalaska.com/contact-us/human-resources/).
UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Alexandria, VA, we are a fast-growing, multi-million-dollar corporation recognized as one of the top 25 8(a) companies for government contracting.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
Please view Equal Employment Opportunity Posters provided by OFCCP here.
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)