Senior Cyber Network Defense Analyst (CNDA)

Pensacola, Florida, United States

Applications have closed

phia LLC

At phia, trust us to solve the complex challenges of our connected world through top-tier cyber intelligence & threat hunting. Contact us.

View company page

At phia, we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.

phia has an opportunity for a Senior Cyber Network Defense Analyst (CNDA) to support our DHS CISA Hunt and Incident Response (HIRT) deployment Network Analysis team. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity.

In this position, you will be on the front line of supporting national and international cyber intrusions teaming with DHS stakeholders to secure America’s critical infrastructure. These engagements entail performing network analysis to find the badness. Come join our cutting-edge team working on stopping some of the world’s most advanced adversaries. This position is located in Pensacola, FL.

What You'll Do

Use information collected from a variety of sources to monitor network activity and analyze it for evidence of suspicious behavior. Monitoring and analysis are performed to identify and report events that occur, or might occur, within the network, in order to protect information, information systems, and networks from threats. Duties include:

  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
  • Coordinate with enterprise-wide cyber defense staff to validate network alerts
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
  • Perform cyber defense trend analysis and reporting
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
  • Provide daily summary reports of network events and activity relevant to cyber defense practices
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of alerts
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
  • Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
  • Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information
  • Identify and analyze anomalies in network traffic using metadata
  • Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
  • Identify applications and operating systems of a network device based on network traffic
  • Reconstruct a malicious attack or activity based off network traffic
  • Identify network mapping and operating system (OS) fingerprinting activities
  • Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave
  • Prepare and update manuals, instructions, and operating procedures
  • Ensure optimal use of commercially available products
  • Prepare and present reports
  • Evaluate the effectiveness of installed systems and services

Requirements

Education + Experience

  • BS Computer Science, Cyber Security, Computer Engineering or related degree or HS Diploma & minimum 10+ years of network investigations experience.
  • Must have 8 or more years of direct relevant experience in cyber defense analysis using leading edge technologies and industry standard cyber defense tools- Experience successfully developing and deploying signatures
  • Experience successfully developing and deploying signatures
  • Experience detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort)
  • Experience implementing incident handling methodologies
  • Experience implementing protocol analyzers
  • Experience collecting data from a variety of cyber defense resources
  • Experience reading and interpreting signatures (e.g., snort)
  • Experience performing packet-level analysis
  • Experience conducting trend analysis

Preferred

  • Python programming experience
  • Strong math and science background
  • Experience with Carnegie Mellon SiLK tool suite
Security Clearance
  • This position will require U.S. Citizenship
  • Must have an active TS/SCI clearance
  • Must be able to obtain DHS Suitability

Desired Certifications

  • One or more of the following GNFA, GCIH, GCIA, GSEC, CASP+, CySA+, PaLMS, FedVTE, GSEC (SANS401), Arcsight (or other SEIM solution), Network+, Security+
Who You Are
  • A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.
  • Intellectually curious with a genuine desire to learn and advance your career.
  • An effective communicator, both verbally and in writing.
  • Customer service oriented and mission focused.
  • Critical thinker with excellent problem-solving skills

If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.

IMPORTANT: This position may be subject to Executive Order 14042 and the Safer Federal Workforce Task Force Guidance requiring covered employees to be fully vaccinated against COVID-19, which the Federal Government is not enforcing at this time.

Benefits

COMPANY OVERVIEW:

Who We Are

phia LLC ("phia") is a Northern Virginia based, 8a certified small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. we proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia values work-life balance and offers the following benefits to full-time employees:

  • Comprehensive medical insurance to include dental and vision
  • Short Term & Long-Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Tuition and Professional Development Assistance
  • Flex Spending Accounts (FSA)

phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.

Tags: ArcSight CASP+ CISA Clearance Computer Science Cyber defense DoD Forensics GCIA GCIH GNFA GSEC IDS Incident response Intrusion detection Monitoring Python Security Clearance Snort Strategy TS/SCI

Perks/benefits: 401(k) matching Career development Health care Insurance Team events

Region: North America
Country: United States
Job stats:  2  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.