Computer Network Defense Analyst (EAIRS)
About The Position
Horizon Industries Limited (Horizon) is seeking a Computer Network Defense (CND) Analyst to join their team. This role involves participating in 24x7x365 monitoring of DLA's SIEM and other cybersecurity monitoring tools to detect and respond to cybersecurity threats within DLA's Enterprise Network Environment. The CND Analyst will perform actions to protect, monitor, detect, analyze, and respond to unauthorized activity, employing cybersecurity capabilities to address specific alerts or emerging threats. They will review logged events for trends indicative of attack or compromise, actively monitor logs and traffic for Advanced Persistent Threats (APT) and "low and slow" attacks, and maintain awareness of possible threats through intelligence resources like Open-Source Intelligence (OSINT). Additionally, the analyst will provide technical analysis and sustainment support for enterprise IA tools and applications, assisting with the application of Defense-In-Depth signatures and perimeter defense controls.
Requirements
- 5 years relevant Cybersecurity/IT experience
- IAT II: One of the following CCNA-Security; CySA+; GICSP; GSEC; Security+ CE; CND; SSCP
- CNDSP/CSSP-IR
- Must have one of the “Computer Network Defense” CE Certifications within six (6) months of onboarding.
- Top Secret Clearance
- Five (5) years of relevant IT experience.
- Two (2) years performing root cause analysis of cybersecurity events and incidents
- Working knowledge of at least at least two types of security tools: Firewall, IDS/IPS, Host based antivirus, Data loss prevention, Vulnerability Management, Forensics, Malware Analysis, Device Hardening
- Understanding of Defense-in-Depth
- Must possess a DOD Top Secret Clearance.
- Must possess a relevant certification meeting the DOD 8570.01 IAT level II. One of the following: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP
- Must maintain CNDSP/CSSP-IR
Nice To Haves
- Ability to build scripts and tools to enhance threat detection and incident response capabilities (Preferably in SPL, Python, PowerShell)
Responsibilities
- Participates in 24x7x365 monitoring DLA's SIEM and other cybersecurity monitoring tools in an effort to detect and respond to cybersecurity threats within DLA's Enterprise Network Environment.
- Performs actions to protect, monitor, detect, analyze, and respond to unauthorized activity.
- Employs Cybersecurity capabilities and deliberate actions to respond to specific alerts or emerging threats.
- Reviews logged events for trends that are indicative of attack or compromise within the environment.
- Actively monitors logs and traffic for Advanced Persistent Threats (APT) and "low and slow" attacks within the environment.
- Maintains awareness of possible threats through the use of intelligence resources to include Open-Source Intelligence (OSINT).
- Provides technical analysis and sustainment support for the enterprise for IA tools and applications and assists with the application of Defense-In-Depth signatures and perimeter defense controls to diminish network threats.
Benefits
- healthcare (medical, dental, vision, and disability)
- a 401 (k) program where you are 100% vested from day one with an employer match after 90 days.
- An Educational Assistance program.
- a Student Loan Repayment Program
- Gym Reimbursement Program.
- Paid Time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
