Ozs13138 Cyber Network Defense Analyst

Position Title: Cyber Network Defense Analyst Location: FEMA - Bluemont, VA - The position is a hybrid of telework and on-site. 3 days on-site and 2 days telework a week. Shift: Afternoon shift from 2pm to 10pm, Tuesday through Saturday. Clearance: Top Secret with SCI eligibility. DHS EOD is also required to start on site. Program: Federal Emergency Management Agency Company Description: Our great client is a an 8(a), Service-Disabled Veteran-Owned Small Business (SDVOSB) who s pecializes in cybersecurity operations, information assurance, computer network operations, solutions engineering, and project management in support of federal, state, and local government organizations. Our great client is 2023/24 awardee of Vet100 Fastest growth veteran owned business and ranked on the Inc. 5000 list and in government services. Job Description: Department of Homeland Security (DHS), Federal Emergency Management Agency (FEMA) Security Operations is responsible to prevent, identify, contain and eradicate cyber threats to FEMA networks through monitoring, intrusion detection and protective security services to FEMA information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The FEMA Security Operations is responsible for the overall security of FEMA Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations. The ideal candidate will have a basic understanding of cyber threats, information security, security monitoring, threat detection, incident response, and incident handling (NIST SP 800-61). The candidate should be familiar with conducting security monitoring in a SIEM such as Splunk or other like-tools. The candidate must be familiar with TCP/IP ports and protocols, IDS/IPS systems, and basic incident handling and response concepts. Tier 2 Analyst should have expertise in at least one of the following specialized areas: Technology stack: Elastic
Splunk Enterprise Security
Crowdstrike Falcon
Axonius
Security Center/Nessus
Microsoft eDiscovery
Whats Up Gold
Symantec Bluecoat
Common dashboards that are used and monitored Crowdstrike Falcon Incident Dashboard
Crowdstrike Falcon Detection Dashboard
Splunk Alert dashboard
Qualifications: Active Top Secret with SCI eligibility Between 2-4 years of Cyber Network Defense experience
Knowledge of TCP/UDP/IP networking, familiarity with packet analysis tools such as WireShark, and a general understanding of networking protocols Required Certification: DoD 8570 IAT II