Cyber Network Defense Analyst with Security Clearance

Position Title: Cyber Network Defense Analyst - Part time Location: Washington DC - St. Elizabeth Campus - CGHQ Clearance: TS/SCI Shifts: 7 - 7 Sat sun. Program: US Coast Guard Cyber Command - Security Operations Center (SOC) Company Description: Our great client is a an 8(a), Service-Disabled Veteran-Owned Small Business (SDVOSB) who s pecializes in cybersecurity operations, information assurance, computer network operations, solutions engineering, and project management in support of federal, state, and local government organizations. Our great client is 2023/24 awardee of Vet100 Fastest growth veteran owned business and ranked on the Inc. 5000 list and in government services. Responsibilities: Utilize client SIEM for enterprise monitoring and detection
Create Security Event Notifications to document investigation findings
Perform critical thinking and analysis to investigate cyber security alerts
Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc)
Collaborate with team members to analyze an alert or a threat
Monitor shared email box for notifications and requests
Utilize OSINT to aid in their investigation
Contribute to content-tuning requests
Have familiarity with dynamic malware analysis and experience analyzing malicious websites
Review and provide feedback to junior analysts' investigation
Review and implement network/host countermeasures
Attend briefings and take appropriate actions to defend the enterprise
Assist in the training of junior analyst
Qualifications: Active TS/SCI clearance
5+ years of relevant experience
DoD 8570 IAT II or III certification
Must possess excellent verbal and written communication skills
Understanding of security tools such as IDS, IPS, Proxy, Firewall, Antivirus, DLP
Working knowledge of Windows OS and standard system logs
Have experience performing analysis of network traffic, host logs, and correlating diverse security logs t
Working knowledge of DOD CND methodologies and SOC processes
Working knowledge of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc.)
Knowledge of common end-user and web application attacks and countermeasures
Experience in creating SOP and providing guidance to junior analyst
Experience in a scripting language (e.g. python, PowerShell, JavaScript, VBS, etc)
Familiarity with cloud technologies, architecture, monitoring tools, and TTP
Hands-on experience utilizing network security tools (e.g. IDS/IPS, Full PCAP, WAF, etc.) and SIEM (Elastic preferred)
Understanding of various Threat Intel Frameworks (e.g. CKC, MITRE ATT&CK, Diamond model, etc)