JOBSEARCHER

Network Based Systems Analyst - II

Join Our Team as a Cyber Network Defense Analyst (CNDA) At Farfield Systems, we have proudly supported the government contracting community for over 23 years, dedicated to missions that truly matter. Our commitment to putting our team members first has cultivated a culture that allows us to excel in serving our clients and their critical needs. We believe in the power of an “employee driven…customer focused” approach, and we are excited to invite you to be part of our mission. As a Cyber Network Defense Analyst (CNDA), you will play a vital role in our commitment to safeguarding our customers' most important missions. Your expertise will be key in delivering advanced technical assistance, proactive hunting, rapid onsite incident response, and thorough investigations using host-based, network-based, and cloud-based cybersecurity capabilities. Join our team of skilled professionals who are dedicated to front-line digital forensics and incident response (DFIR), and help us in the proactive hunt for malicious cyber activities. Key Responsibilities: Analyze and characterize network traffic to detect anomalous activity and potential threats to our network resources. Collaborate with enterprise-wide cyber defense staff to validate network alerts and ensure a cohesive response. Document and escalate incidents, including event history, status, and potential impacts, to facilitate immediate action and ongoing protection of the environment. Conduct trend analysis and reporting on cyber defense activities to enhance our strategies. Perform event correlation using diverse sources of information to gain situational awareness and assess observed attacks. Produce daily summary reports on network events and activities pertinent to cyber defense practices. Analyze network alerts from various sources to determine their causes and potential implications. Provide timely detection and alerting of potential attacks, intrusions, anomalous activities, and misuse, while distinguishing them from benign activities. Utilize cyber defense tools for continuous monitoring and analysis of system activity to identify malicious behavior. Investigate identified malicious activities to determine exploited weaknesses, methods of exploitation, and the impact on systems and information. Identify and analyze anomalies in network traffic using metadata for enhanced security. Validate intrusion detection system (IDS) alerts through packet analysis tools against network traffic. Recognize the operating systems and applications of network devices based on traffic analysis. Reconstruct malicious attacks or activities from network traffic patterns. Identify network mapping and operating system fingerprinting activities. Contribute to the development of signatures for cyber defense network tools in response to new and observed threats. If you're ready to make a meaningful impact in the realm of cybersecurity while being part of a team that values your contributions, we invite you to apply and help us continue our legacy of excellence. Together, let's protect what matters most. Requirements: U.S. Citizenship Active TS/SCI clearance Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability 2+ years of direct relevant experience in cyber defense analysis using leading edge technologies and industry standard cyber defense tools Experience successfully developing and deploying signatures Experience detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort) Experience implementing incident handling methodologies Experience implementing protocol analyzers Experience collecting data from a variety of cyber defense resources Experience reading and interpreting signatures (e.g. snort) Experience performing packet-level analysis Experience conducting trend analysis Desired Skills: Python programming experience Strong math and science background Experience with Carnegie Mellon SiLK tool suite Required Education: BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 4+ years of network investigations experience. Desired Certifications: One or more of the following professional certifications: GNFA, GCIH, GCIA, GSEC, CASP+, CySA+, PaLMS, FedVTE GSEC (SANS401), Arcsight (or other SEIM solution), Network+, Security+