*All Candidates must have a TS/SCI clearance with a Polygraph
- Shall have a minimum of eight (8) continuous years of work experience in network and vulnerability analysis, or a combination of a minimum of five (5) continuous years of work experience in network and vulnerability analysis and a Bachelor’s degree in an applicable (math, science, computers, engineering) field
- Work experience shall include five (5) years of IC experience in network and vulnerability analysis
- Shall have demonstrated expertise related to the use of relevant Computer Network Operations (CNO) and SIGINT tools and databases used for the customer mission
- Shall have demonstrated in-depth knowledge of network tools used to assess traffic at the application layer. Be able to evaluate and implement solutions including but not limited to firewalls, routers, switches, IDS
- Shall also demonstrate analytic ability to discover unknown, suspicious or exploitation activity, be able to provide briefings of intrusion set activity to partner organizations/agencies, and be knowledgeable about all forms of reporting and experienced with creating each product type, and thus be able to organize training for other team members on analysis, tools, or reporting
- Shall have demonstrated skills working through the SIGINT and/or other intelligence disciplines' production processes, to include tasking, researching, processing, reporting, and disseminating of collection, information, or final products
- Shall demonstrate the ability to understand and interpret technical data through knowledge of technologies and network topologies
- Shall have demonstrated expertise in documenting information and processes and gathering intelligence information of an identified threat activity through SIGINT and/or other intelligence disciplines, Internet, and other research means
- Experience in Python and BASH
- Experience in the computer network operations analyzing vulnerabilities and mitigating threats, with an emphasis on forensics and defensive triage operations
- Knowledge of the creation of hashes and comparing them to hashes of known malware
- Capability to administer computer networks and set up modeling and simulation enclaves
- Intimate knowledge of intrusion detection and forensic capabilities
Preferred Tools/Certifications: Wireshark, Nessus, Snort, tcpdump, tcp wrapper, IDS (various), ISS scanner, eEye digital vulnerability scanner, Network +, NSA IAM. CISM - Certified Information Security Manager CISSP - Certified Information Systems Security Professional SSCP - Systems Security Certified Practitioner GIAC - Global Information Assurance Certification CSP - RSA Certified Security Professional CPP - Certified Protection Professional.
WOOD Consulting Services is headquartered in Fulton, Maryland with an office in Washington, DC. WOOD embraces a simple philosophy… take care of our people and they will take care of our customers. We seek to hire and retain high caliber-talent to meet the needs of our customers with excellent services. For over 20 years, WOOD has followed that philosophy and built a reputation as reliable mission-enablers helping U.S. agencies achieve mission success.
WOOD is an Equal Employment Opportunity Employer; all qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or veteran status.