• Network and Threat Forensics Support Specialist (Senior)

    Location: US-MD-Ft. Meade
    Posted Date: 3 weeks ago (5/2/2018 2:58 PM)
    Job ID: N-1668
    # Positions: 1
    Experience (Years): 8
    Category: Cyber Security
  • Overview

    WOOD is currently hiring a Network and Threat Forensic Support Specialist (Senior) to join our team in the Ft. Meade, MD area. The Network Threat Engineer shall demonstrate the ability to aid in generating SNORT and other Intrusion Detection Signatures for multiple platforms, thus aiding with defeats and allowing for enhanced detection in collection. This is a full-time, career-oriented opportunity and requires a current TS/SCI with poly.

    WOOD Consulting Service, Inc. is a Management Consulting and IT Services firm providing innovative results to our Federal customers.  Our diverse array of services and solutions are designed to help our clients leverage, protect, and maximize their information technology investments.  We offer a fantastic benefits package including but not limited to:

     

    • 4 weeks PTO, 10 paid holidays
    • Company Sponsored Health, Dental and Vision through BCBS
    • Matching 401K
    • Educational Reimbursement up to $4500 annually
    • Continued training and learning through WOOD University
    • PMI certified training
    • Competitive salary and much, much more…

    Responsibilities

    • Support operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target networks.
    • Perform security assessments, forensic and malware analysis on a variety of information systems.
    • Shall demonstrate the ability to aid in generating SNORT and other Intrusion Detection Signatures for multiple platforms, thus aiding with defeats and allowing for enhanced detection in collection.
    • Shall demonstrate the ability to use various in-house, commercial and freeware tools to interpret and analyze technical data and the ability to document and report technical findings for internal and external customer use.
    • Shall have demonstrated expertise related to the use of relevant CNO and SIGINT tools and databases used for the customer mission. Shall also demonstrate analytic ability to discover unknown, suspicious or exploitation activity, be able to provide briefings of intrusion set activity to partner organizations/agencies, and be knowledgeable about all forms of reporting and experienced with creating each product type, and thus be able to organize training for other team members on analysis, tools, or
    • Shall have demonstrated analytic expertise to perform technical and overall analysis of unknown, suspicious or exploitation activity identified, and communications skills that include the ability to provide formal documentation of analysis and/or research results.
    • Shall be considered a Subject Matter Expert in one or more fields appropriate to Intelligence Analysis or Computer Networking technologies, and be able to serve as Subject Matter Expert for working groups and meetings with partner organizations/agencies.
    • Shall have demonstrated expertise in analyzing intelligence information and technical data, analyzing exploitation opportunities, documenting information and processes, gathering intelligence information of an identified activity through SIGINT and/or other intelligence disciplines, Internet, and other research means, interpreting analytical results, writing and editing skills at a technical/professional level, and managing internal and external customer relations.
    • Shall have demonstrated skills working through the SIGINT or other intelligence production processes, to include tasking, researching, processing, reporting, and disseminating of collection, information, or final products. Shall demonstrate the ability to understand and interpret technical data through knowledge of technologies and topologies.

     

     

    Qualifications

    *All Candidates must have a TS/SCI clearance with a Polygraph

    • Shall have a minimum of eight (8) continuous years of work experience in network and vulnerability analysis, or a combination of a minimum of five (5) continuous years of work experience in network and vulnerability analysis and a Bachelor’s degree in an applicable (math, science, computers, engineering) field. Work experience shall include five (5) years of IC experience in network and vulnerability analysis.
    • Shall have demonstrated ability to independently and accurately evaluate multiple operating systems, network configurations, network architectures, and topologies for potential technical and/or operational vulnerabilities. Must demonstrate in-depth knowledge of network tools used to assess traffic at the application layer, rendering the ability to identify and interpret anomalous activity in packet details.
    • Must demonstrate in-depth knowledge of network tools used to assess traffic at the application layer.
    • Be able to evaluate and implement solutions including but not limited to firewalls, routers, switches, IDS.
    • Have experience in Python and BASH.
    • Knowledge of the creation of hashes and comparing them to hashes of known malware.
    • Support operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target networks.
    • Perform security assessments, forensic and malware analysis on a variety of information systems.
    • Preferred tools/certs: Wireshark, Nessus, Snort, tcpdump, tcp wrapper, IDS (various), ISS scanner, eEye digital vulnerability scanner, Network +, NSA IAM. (U//FOUO)
    • One or more of the following certifications:
    • CCISP - Certified Critical Infrastructure Security Professional
    • CISM - Certified Information Security Manager
    • CISSP - Certified Information Systems Security Professional
    • SSCP - Systems Security Certified Practitioner
    • GIAC - Global Information Assurance Certification
    • CSP - RSA Certified Security Professional
    • CPP - Certified Protection Professional 

    Equal Opportunity Employer/Veterans/Disabled

    WOOD is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
