Information Assurance Analyst
Employee Type: Full-Time
Locations: Pearl Harbor, HI
Job Type: Information Assurance Analyst
Experience: 3+ Years
Clearance Type: TS/SCI
AERMOR is seeking qualified candidates with Computer Network Defense (CND)/Defensive Cyber Operations (DCO) experience to support the day to day cyber analysis function of the Command network monitoring and modernization effort at multiple Broadcast Control Authority (BCA) locations in the following areas: Provide hands-on analysis of the Command network modernization effort; liaison with CNDSP internal stakeholders to maximize mission coordination and effectiveness; coordinate with Senior Information Assurance Analyst to maximize the effect of analysis of network system-generated data; and provide day to day leadership and guidance to all members of the network monitoring and modernization effort.
- Rapidly assess network traffic, detect data anomalies, and provide detailed reporting on the same.
- Provide alert handling mitigation strategies to BCA military/GS staff.
- Serves as the team member to support the analysis of general network technical problems and provides recommendations and technical support in solving these problems.
- Performs cyber analysis on data collected by the network monitoring systems, as well as provide the assessment and implementation of solutions to meet network security requirements.
- Ensure the successful performance of vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
- Understand and evaluate security threats and perform a risk analysis of those threats as it applies to the environment.
- Assists with the development of SOPs to assist the customer with procedure and process improvement.
- Provides analyst support during exercises.
Required Skills and Experience:
- At least one-year relevant experience with Navy cybersecurity and network operations. Prior BCA experience is an added bonus.
- Demonstrable ability to interact effectively within the naval community.
- Strong report writing skills and general communication skills.
- Strong critical thinking, analysis, and investigative skills.
Desired Skills and Experience:
- Experience with computer network defense (CND) and vulnerability assessment tools, including open-source tools, and their capabilities.
- Demonstratable knowledge of Intrusion Detection/Prevention System (IDS/IPS) tools and applications. Specific experience with Security Onion, Splunk Knowledge Management, Snort, BRO preferred.
- Experience with intrusion detection methodologies and techniques for detecting host- network-based intrusions via intrusion detection technologies.
- Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
- Experience with common adversary tactics, techniques, and procedures (TTPs) in assigned areas of responsibility (e.g., historical country-specific TTPs, emerging capabilities).
- Knowledge of defense-in-depth principles, network security architecture, and content development.
- Skill in collecting data from a variety of computer network defense resources.
- Knowledge of computer network defense (CND) policies, procedures, and regulations.
- Knowledge of the common attack vectors on the network layer.
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored]).
- Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Experience with different types of Intrusion Detection/Prevention System (IDS/IPS) hardware and software.
- Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies.
- Skill in protecting a network against malware and handling malware.
- Knowledge of malware analysis concepts and methodology.
- Skill in tuning sensors which normally requires UNIX/Linux background.
- Associate of Science degree in information systems, information security, computer science or related discipline, or equivalent experience.
- CompTIA Security + CE Certification.
For more information contact: firstname.lastname@example.org