CND / Incident Response Analyst
- The contractor shall assist with analysis of actions taken by malicious actors in order to determine the initial infection vector, establish a timeline of activity, and identify any data loss associated with incidents.
- Monitor external data sources (e.g., computer network defense vendor sites, Computer Emergency Response Teams, SANS, Security Focus), update the CND threat condition, and determine which security issues may have an impact on the enterprise.
- Analyze log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security and perform command and control functions in response to incidents.
- Perform forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation to support deployable incident response.
- Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, and security robustness), collect intrusion artifacts (e.g., source code, malware, and trojans), and use discovered data to enable mitigation of potential CND incidents within the enterprise.