Cyber Network Defense Analyst

We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes health/dental/vision/life insurance plans, 401K with company matching, PTO and paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at:[https://www.onezerollc.com/careers](https://www.onezerollc.com/careers/)[/](https://www.onezerollc.com/careers/)

Position Title:Cyber Network Defense Analyst

Location: Washington DC

Shift - Saturday to Sunday 7pm to 7am on site

Clearance: TS/SCI

Responsibilities

• Utilize client SIEM for enterprise monitoring and detection
• Create Security Event Notifications to document investigation findings
• Perform critical thinking and analysis to investigate cyber security alerts
• Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc)
• Collaborate with team members to analyze an alert or a threat
• Monitor shared email box for notifications and requests
• Utilize OSINT to aid in their investigation
• Contribute to content-tuning requests
• Have familiarity with dynamic malware analysis and experience analyzing malicious websites
• Review and provide feedback to junior analysts' investigation
• Review and implement network/host countermeasures
• Attend briefings and take appropriate actions to defend the enterprise
• Assist in the training of junior analyst
  
  

Qualifications

• Active TS/SCI clearance
• 5 years of relevant experience in Cyber Security and/or Cyber Defense
• Must possess excellent verbal and written communication skills
• Understanding of security tools such as IDS, IPS, Proxy, Firewall, Antivirus, DLP
• Working knowledge of Windows OS and standard system logs
• Have experience performing analysis of network traffic, host logs, and correlating diverse security logs
• Working knowledge of DOD CND methodologies and SOC processes
• Working knowledge of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc.)
• Knowledge of common end-user and web application attacks and countermeasures
• Experience in creating SOP and providing guidance to junior analyst
• Experience in a scripting language (e.g. python, PowerShell, JavaScript, VBS, etc)
• Familiarity with cloud technologies, architecture, monitoring tools, and TTP
• Hands-on experience utilizing network security tools (e.g. IDS/IPS, Full PCAP, WAF, etc.) and SIEM (Elastic preferred)
• Understanding of various Threat Intel Frameworks (e.g. CKC, MITRE ATTandCK, Diamond model, etc)
  
  

Required Certifications

Must possess a DOD 8570 IAT III qualifying certification

Must possess one or more of the following DOD 8570 CSSP-A qualifying certifications:

CEH

CFR

CCNA Cyber Ops

CCNA-Security

CySA

GCIA

[]{style="font-size: 12pt; font-family: 'times new roman', times, ser

"}