Cyber Network Defense Analyst (CNDA) 4
Arlington, VA
Full Time | Entry-level / Junior | Clearance required | USD 37K - 70K *
At ARSIEM Corporation we are committed to fostering a proven and trusted partnership with our government clients. We provide support to multiple agencies across the United States Government. ARSIEM has an experienced workforce of qualified professionals committed to providing the best possible support.
As demand increases, ARSIEM continues to provide reliable and cutting-edge technical solutions at the best value to our clients. That means a career packed with opportunities to grow and the ability to have an impact on every client you work with.
ARSIEM is looking for a Cyber Network Defense Analyst 4. This position is primarily a hybrid remote position with a 2-hour onsite reporting requirement and business travel as needed. Personnel will be required to live in the Continental US and are required to work core hours (Eastern Standard Time) to support one of our Government clients in Arlington, VA.
Responsibilities
- Acquire/collect computer artifacts and logs supporting onsite and remote engagements.
- Triage electronic devices and assess evidentiary value
- Correlate forensic findings to network events in support of developing an intrusion narrative
- Collect and document system state information (e.g., running processes, network connections) before imaging, as required
- Perform forensic triage of an incident to include determining scope, urgency, and potential impact
- Track and document forensic analysis from initial participation through resolution
- Collect, process, preserve, analyze, and present computer-related evidence
- Coordinate with Government staff and customer personnel to validate/investigate alerts or additional preliminary findings
- Conduct analysis of forensic images and available evidence in support of forensic write-ups for inclusion in reports and written products
- Support cloud development and automation projects to enhance threat emulation capabilities
- Assist in documenting Computer Network Defense (CND) guidance and creating reports about incident findings
Minimum Qualifications
- BS Computer Science, Cybersecurity, Computer Engineering, or related degree; HS Diploma & 4-6 years of host or digital forensics experience.
- 10+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
- In-depth understanding of SaaS, PaaS, and IaaS in the Cloud Environment
- Ability to create forensically sound duplicates of evidence (forensic images)
- Ability to author cyber investigative reports documenting digital forensics findings
- Proficiency in analysis and characterization of cyber attacks
- Knowledge of cloud development and automation tools such as Terraform, Kubernetes, AWS CloudFormation, Azure Resource Manager, and Docker.
- Skilled in identifying different classes of attacks and attack stages
- Understanding of system and application security threats and vulnerabilities
- Understanding of proactive analysis of systems and networks, including creating trust levels of critical resources
Preferred Qualifications
- Knowledge of strategies/architectures involved in implementing M365/Azure authentication, how these relate to a federated identity solution, and a fundamental understanding of how threat actors would target identity to compromise an environment
- Advanced experience and proficiency across various aspects of IT operations (e.g., networking, virtualization, identity, security, business continuity, disaster recovery, data management, and governance)
- Experience and understanding in the acquisition, processing, and analysis of digital evidence from onsite enterprises and cloud-native platforms
- Fundamental understanding of APIs and proficiency with PowerShell/PowerShell modules leveraged to conduct API queries related to Azure/M365
- Proficiency with scripting languages (e.g., Bash, Python, PowerShell, JS) for automation of hunt tools used in commercial cloud environments
- Ability to develop tools, architecture, and configurations in the Azure environment to support identifying threat actor activity.
- Understanding of how Azure/M365 platform protection is implemented and security operations available
- One or more certifications: GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS certifications, Microsoft Azure associated certifications.
ARSIEM is proud to be an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Automation AWS Azure Bash CCSP CFCE CISSP Clearance Cloud CND Computer Science Docker EnCE Forensics GCFA GCFE GCIH Governance IaaS Kubernetes PaaS PowerShell Python SaaS Scripting SIEM Terraform TS/SCI Vulnerabilities
Perks/benefits: Career development Salary bonus