Counter Access Analyst III
Abacus Technology Corporation · Sumter, SC · 3 mo ago
Business DevelopmentFull-time
Responsibilities
- Build tactical and strategic network profiles for specific systems and complete network architecture.
- Utilize network intrusion devices and available cyber defense infrastructure, including but not limited to, Endpoint Security Systems, Intrusion Detection and Prevention Systems (IDS/IPS), proxy security appliances, forensics tools, and other security agents to minimize threats to AFCENT Networks.
- Aid in analyst training in advanced traffic analysis, incident response, and cyber hunt activities.
- Proactively conduct cyber hunt activities, search through systems and networks to detect advanced threats and monitor network traffic to determine system vulnerabilities and required fixes; apply established network security procedures, log and make recommendations for correcting network security incidents; and coordinate the escalation of security issues requiring detailed analysis to Cybersecurity Analysts.
- Proactively analyze AFCENT network IDS and IPS for evidence of malicious cyber activity and conduct defensive cyber operation (DCO) missions to eliminate identified threats.
- Conduct threat emulation testing and develop and deploy advanced threat mitigation strategies in response to test results.
- Develop and deploy countermeasures (to include IDS/IPS signature developments and correlation rule sets) to isolate, contain and prevent intrusive activities and secure AFCENT/CENTCOM networks.
- Conduct network and computer forensics on suspected and confirmed compromised systems to determine the method of intrusion and corrective actions to be taken to prevent or detect similar future activities.
- Conduct thorough forensic investigations on security incidents, including data breaches and system compromises.
- Collect, preserve, and analyze digital evidence following established procedures to support incident investigations.
- Perform network traffic and host analysis to evaluate intruder activities using host and network-based monitoring system.
- Cook up with other Counter Access Team (CAT) and Vulnerability Management (VM) team to ensure latest known vulnerabilities are properly identified and corrected.
- Maintain network traffic to determine system vulnerabilities and required fixes; apply established network security procedures, logs and makes recommendation for correcting network security incidents; and coordinate the escalation of security issues requiring detailed analysis to Security Analyst.
Requirements
- 5+ years experience in network and cyber security.
- Bachelor’s degree in a related field. Additional years of experience may be substituted for degree requirements.
- Must be Security+ certified.
- Must be Network+ or CCNA certified.
- Must hold the ITIL Foundations certification or be able to obtain the certification within 60 days of hire.
- Must have firewall experience.
- Experience with intrusion detection and vulnerability assessments.
- Networking experience including routers and switches.
- Able to deeply understand threat profiles and create custom rules to detect and uncover methods used by malicious actors.
- Able to build complex network profiles from cyber intelligence provided information for hunting the adversary.
- Must possess the ability to conduct network and or host forensics during an incident.
- Able to maintain current knowledge on new vulnerabilities and exploits, malware behavior and propagation characteristics, and anti-virus tools.
- Must be detail oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality.
- Strong analytical and communication skills.
- Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team.
Qualifications
- US citizen and hold a current Secret clearance.