*All Candidates must have a TS/SCI clearance with a Polygraph
- Shall have a minimum of eight (8) continuous years of work experience in network and vulnerability analysis, or a combination of a minimum of five (5) continuous years of work experience in network and vulnerability analysis and a Bachelor’s degree in an applicable (math, science, computers, engineering) field.
- Work experience shall include five (5) years of IC experience in network and vulnerability analysis.
- Shall have demonstrated expertise related to the use of relevant Computer Network Operations (CNO) and SIGINT tools and databases used for the customer mission.
- Shall also demonstrate analytic ability to discover unknown, suspicious or exploitation activity, be able to provide briefings of intrusion set activity to partner organizations/agencies, and be knowledgeable about all forms of reporting and experienced with creating each product type, and thus be able to organize training for other team members on analysis, tools, or reporting.
- Shall have demonstrated the analytic expertise to perform technical analysis for exploitation of an identified activity that is of an unknown or suspicious origin, competence with relevant analyst tools and databases used by the customer organization, and communications skills that include the ability to provide formal documentation of analysis and/or research results.
- Shall be considered a SME in one or more fields appropriate to Intelligence Analysis or Computer Networking technologies, and be able to serve as a SME for working groups and meetings with partner organizations/agencies.
- Shall have demonstrated expertise in analyzing intelligence information and technical data, analyzing exploitation opportunities, interpreting analytical results, writing and editing skills at a technical/professional level, and managing internal and external customer relations.
- Shall have demonstrated skills working through the SIGINT and/or other intelligence disciplines' production processes, to include tasking, researching, processing, reporting, and disseminating of collection, information, or final products.
- Shall demonstrate the ability to understand and interpret technical data through knowledge of technologies and network topologies.
- Shall have demonstrated expertise in documenting information and processes and gathering intelligence information of an identified threat activity through SIGINT and/or other intelligence disciplines, Internet, and other research means.
- Experience accessing and manipulating Cloud data; preferably knowledge and experience with NSA's corporate cloud environments (MDR's 1-3 and IC-GovCloud).
- Experience working with COPILOT front-end processor for MDR-1 and IC-GovCloud.
- Experience with PIG/Piglet, Hadoop, MapReduce.
- Experience with analytic development to support analysis.
- Experience with Big Data analysis - applying tools and techniques for distilling information to identify actionable information and findings for specific users (e.g., entity disambiguation, data mining, anomaly detection, trend analysis, summarization, abstracting, and fusion).
Required Tools/Certifications: Wireshark/Ethereal, Nessus, Snort, tcpdump, tcp wrapper, IDS (various), ISS scanner, eEye digital vulnerability scanner, <forensics work at host, network, or software levels>, <penetration testing work>, <malware, spyware, botnet work>, GCFIH, CNDA, DoD Forensic examiner, DoD Media Collector, Security +, Nmap, SSCP, Cisco CCNA ( and other Cisco related network certs), Network +, Net Impact
Preferred Tools/Certifications: IDA Pro, MetaSploit, EnCase, Cain and Abel, John the Ripper, Ollydebug, HBSS, GSEC, GCIA, IAM, IEM, GPEN, GCFW, GCFA, CORE Impact, DoD certified basic digital media collector, Paraben
WOOD is an Equal Employment Opportunity Employer; all qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or veteran status.