Position Title: Cyber Network Defense Analyst - Part time Location: Washington DC - St. Elizabeth Campus - CGHQ Clearance: TS/SCI Shifts: 7 - 7 Sat sun. Program: US Coast Guard Cyber Command - Security Operations Center (SOC) Company Description: Our great client is a an 8(a), Service-Disabled Veteran-Owned Small Business (SDVOSB) who s pecializes in cybersecurity operations, information assurance, computer network operations, solutions engineering, and project management in support of federal, state, and local government organizations. Our great client is 2023/24 awardee of Vet100 Fastest growth veteran owned business and ranked #491 on the Inc. 5000 list and #11 in government services! Responsibilities: * Utilize client SIEM for enterprise monitoring and detection
* Create Security Event Notifications to document investigation findings
* Perform critical thinking and analysis to investigate cyber security alerts
* Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc)
* Collaborate with team members to analyze an alert or a threat
* Monitor shared email box for notifications and requests
* Utilize OSINT to aid in their investigation
* Contribute to content-tuning requests
* Have familiarity with dynamic malware analysis and experience analyzing malicious websites
* Review and provide feedback to junior analysts' investigation
* Review and implement network/host countermeasures
* Attend briefings and take appropriate actions to defend the enterprise
* Assist in the training of junior analyst
Qualifications: * Active TS/SCI clearance
* 5 years of relevant experience
* DoD 8570 IAT II or III certification
* Must possess excellent verbal and written communication skills
* Understanding of security tools such as IDS, IPS, Proxy, Firewall, Antivirus, DLP
* Working knowledge of Windows OS and standard system logs
* Have experience performing analysis of network traffic, host logs, and correlating diverse security logs t
* Working knowledge of DOD CND methodologies and SOC processes
* Working knowledge of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc.)
* Knowledge of common end-user and web application attacks and countermeasures
* Experience in creating SOP and providing guidance to junior analyst
* Experience in a scripting language (e.g. python, PowerShell, JavaScript, VBS, etc)
* Familiarity with cloud technologies, architecture, monitoring tools, and TTP
* Hands-on experience utilizing network security tools (e.g. IDS/IPS, Full PCAP, WAF, etc.) and SIEM (Elastic preferred)
* Understanding of various Threat Intel Frameworks (e.g. CKC, MITRE ATT&CK, Diamond model, etc)