Computer Network Defense (CND) Analyst

Cedar City, Utah, United States · GSJD5101

Description

NOTE: In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document upon hire (USCIS FORM I-9).
GuardSight does not currently offer visa sponsorship.

Job Purpose: Monitor client networks, through the use of defensive measures and information collected from a variety of sources, to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.

Job Duties:

  • Detect host and network-based intrusions via intrusion detection technologies
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
  • Perform computer network defense (CND) trend analysis and reporting
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
  • Conduct tests of information assurance (IA) safeguards in accordance with established test plans and procedures
  • Identify and analyze anomalies in network traffic using metadata
  • Identify and triage malware
  • Create technically detailed reports based on intrusions and events
  • Assist in troubleshooting and problem solving a wide variety of client issues
  • Provide quality customer service with excellent communication skills

Requirements

  • Knowledge of computer network defense (CND) and vulnerability assessment tools, including open source tools, and their capabilities
  • Knowledge of Intrusion Detection System (IDS) tools and applications
  • Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
  • Knowledge of content development
  • Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort)
  • Knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country-specific TTPs, emerging capabilities)
  • Knowledge of defense-in-depth principles and network security architecture
  • Skill in collecting data from a variety of computer network defense resources
  • Knowledge of computer network defense (CND) policies, procedures, and regulations
  • Knowledge of the common attack vectors on the network layer
  • Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution)
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored])
  • Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
  • Knowledge of the types of Intrusion Detection System (IDS) hardware and software
  • Skill in handling malware
  • Skill in protecting a network against malware
  • Knowledge of malware analysis concepts and methodology
  • Skill in tuning sensors

    General Skills / Qualifications:
    • Strong written and oral communication skills
    • Strong interpersonal communication skills
    • Ability to follow instructions
    • Ability to work as part of a team
    • Ability to work independently
    • Must have a 'warrior mentality'

    Information Security Specialist Skills / Qualifications:
    • Bachelor’s degree and two years of IT / information security experience; one year of additional IT / information security experience may be substituted for each year of degree-level education.
    • Certification in a minimum of one IT and / or cyber security discipline

    Security Analyst I Skills / Qualifications:
    • Bachelor’s degree and two years of IT / information security experience; One year of additional IT / information security experience may be substituted for each year of degree-level education.
    • CISSP or SANS or equivalent information security certification required
    • Additional minimum of one IT and / or information security discipline certification desired

    Security Analyst II Skills / Qualifications:
    • Bachelor’s degree and four years of IT / information security experience; two years of additional IT / information security experience may be substituted for each year of degree-level education
    • CISSP certification required
    • Additional minimum of one IT / information security discipline certification required

Benefits

To be discussed.
