*All Candidates must have a TS/SCI clearance with a Polygraph
- Shall have a minimum of six (6) continuous years of work experience in network and vulnerability support analysis, or a combination of a minimum of three (3) continuous years of work experience in network and vulnerability analysis and a Bachelor’s degree in an applicable (math, science, computers, engineering) field.
- Work experience shall include three (3) years of IC experience in network and vulnerability analysis.
- Shall have demonstrated analytic ability to perform technical analysis for exploitation of an identified activity that is of an unknown or suspicious origin, competence with relevant Computer Network Operations (CNO) and SIGINT tools and databases used for the customer mission, and communications skills that include the ability to provide formal documentation of analysis and/or research results.
- Shall be considered a SME in one or more fields appropriate to Intelligence Analysis or Computer Networking technologies, and be able to serve as a SME for working groups and meetings with partner organizations/agencies.
- Shall have demonstrated expertise in analyzing intelligence information and technical data, analyzing exploitation opportunities, documenting information and processes, gathering intelligence information of an identified activity through SIGINT and/or other intelligence disciplines, Internet, and other research means, interpreting analytical results, writing and editing skills at a technical/professional level, and managing internal and external customer relations.
- Shall have demonstrated skills working through the SIGINT and/or other intelligence disciplines' production processes, to include tasking, researching, processing, reporting, and disseminating of collection, information, or final products.
- Shall demonstrate the ability to understand and interpret technical data through knowledge of technologies and topologies.
- Hands on experience supporting security assessments, Customer Teams, and/or Penetration Testing in Windows and UNIX/LINUX environments.
- Currency in penetration tools and techniques is required.
- Must have experience with Kali Linux.
- Experience in three or more of the following areas: network reconnaissance to identify devices and protocols, information gathering from network devices and hosts, vulnerability analysis based on information discovered in network reconnaissance and information gathering, auditing and exploiting web vulnerabilities, analyzing and manipulating network packets, Password Attacks, Sniffing and Spoofing, exploiting vulnerabilities identified in the assessment phase.
- Experience writing reports based on results of security testing and analysis.
- Hands on experience working in a virtual environment to include installing and configuring networks preferred.
- Experience as opposing forces in an exercise or training event preferred.
- Hands on experience working in a virtual environment to include installing and configuring networks preferred
- Hands on Experience in Windows and UNIX/LINUX environments using a variety of tools such as Metasploit, DNSwalk, Wireshark, Nmap, Armitage, Aircrack, Burp Suite, Routersploit, Firewalk, Cuckoo, Dumpzilla, Bluesnarfer and exploitdb.
- Experience in IA/CND (Protect/Detect/Respond/Sustain) with Cyber Security.
- Experience performing high-volume analysis of logs, network and system data, to include NetFlow, PCAP, XFLOW, HBSS, ACAS, along with other SIEM-specific artifacts.
- Demonstrated knowledge of network threats, attacks, and other methods of exploitation, and the ability to develop Tactics, Techniques, Procedures (TTPs) to mitigate, deter, and respond.
- Working knowledge of KALI Linux and the KALI tool suite preferred.
Required Tools/Certifications: Wireshark/Ethereal, Nessus, Snort, tcpdump, tcp wrapper, IDS (various), ISS scanner, eEye digital vulnerability scanner, <forensics work at host, network, or software levels>, <penetration testing work>, <malware, spyware, botnet work>, GCFIH, CNDA, DoD Forensic examiner, DoD Media Collector, Security+, Nmap, SSCP, Cisco CCNA ( and other Cisco related network certs), Network+, Net Impact
Preferred Tools/Certifications: IDA Pro, MetaSploit, EnCase, Cain and Abel, John the Ripper, Ollydebug, HBSS, GSEC, GCIA, GPEN, GCFW, GCFA, CORE Impact, DoD certified basic digital media collector, Paraben
WOOD is an Equal Employment Opportunity Employer; all qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or veteran status.