General Dynamics Information Technology Cyber Security – CND Analyst in Djibouti

Clearance Level Must Currently Possess:

Secret (NACLC)

Clearance Level Must Be Able to Obtain:

Top Secret SCI

Suitability:

No Suitability Required

Job Family:

Information Technology

Job Description:

Designs, develops, or recommends integrated security system solutions that will ensure proprietary/confidential data and systems are protected. Conducts Information Assurance (IA) program/system security status assessments and supports the development of IA program(s) including the development of IA policy and procedures. Supports Cyber Network Defense (CND) incident/event investigation and analysis as required. Assesses and detects network vulnerabilities. Provides technical engineering services for the support of integrated security systems and solutions. Participates with the client in the strategic design process to translate security and business requirements into technical designs. Supports security posture assessments. Maintains awareness of cyber trends, threats, and vulnerabilities. Leads in security engineering, validation testing of system configuration/hardening, and assessment of classified and unclassified Information Technology (IT) systems. Understands current computer technologies and technical security requirements as applied to the organization’s design, development, evaluation, and integration of computer systems and networks to sustain compliance with national and Department of Defense (DoD) policy as well as best practices. Conducts certification test analysis and technical evaluations for vulnerabilities and must possess the ability to recommend and apply security countermeasures to mitigate identified risks.

Principal Duties and Responsibilities

  • At the direction of the Computer Network Defense (CND) Lead, takes appropriate measures to respond to known and possible network attacks in accordance with applicable DoD policies, directives and instructions.

  • Recommends and supports the development and management of CJTF-HOA network security and incident response policies and procedures.

  • Implements and maintains CJTF-HOA purchased full packet capture capability.

  • The packet capture tools and the amount of data collected will be directed by the Government.

  • Archives and audits security event logs in accordance with DoD policy.

  • Implements measures to prevent unauthorized software from being installed and executed on CJTF-HOA systems.

  • Archives and reviews system audit logs and all other pertinent log files that will support incident response activities.

  • Manages all CJTF-HOA IA-related service requests to include firewall issues, blocked sites, admin account issues, user account issues, PKI issues, CAC issues, malicious code, SPAM, etc.

  • Provides advanced security monitoring and event/alert and incident evaluation and determination assistance on escalated issues.

  • Reports, mitigates and resolves all classified security incidents (e.g., data spills) that impact CJTF-HOA networks. Runs anti-virus definition scans, evaluates and mitigates any discrepancies.

  • Monitors, reports, mitigates and resolves all network anomalies (e.g., unauthorized network access, etc.) that occur on CJTF-HOA networks.

  • Develops and manages incident response actions (e.g., Tactics, Techniques and Procedures) for CJTF-HOA.

  • Implements and manages an 802.11 wireless detection capability.

  • Documents and reports detection of unauthorized wireless devices connecting to CJTF-HOA networks.

  • Supports incident reporting activities in accordance with Computer Network Defense Service Provider policies and directives.

  • Collaborates and interfaces with external organizations/agencies on security-related issues and investigations.

  • Engineers, installs, upgrades and maintains IA systems residing on the CJTF-HOA networks, to include firewalls, encryption devices/tools.

Required Skills

Bachelor's degree desired; minimum Associate's degree required. Required degree may be waived in lieu of relevant years of work experience. Six (6) years or more systems/network administration experience desired. Experience supporting large network storage solutions.

Two of the six are needed:

1) DoD IA Vulnerability Management Compliance, 2) Incident Response NIPRNet & SIPRNet, 3) DoD Policies, Directives on known network attacks, 4) Network Scanning (ACAS), 5) DoD 8570.01M Program or 6) CISSP or equivalent

In addition to the skills required above, must have advanced security monitoring skills and a more advanced understanding of network/host vulnerabilities and exploits, hacker methodology, host/network device hardening techniques, and security incident prevention/mitigation techniques, and is responsible for the mentoring and ongoing continuous skill improvement of other specialists.

Relevant experience in security event/alert monitoring employed in a CND environment, CSIRT, or on a Security Response Team employed in the capacity as a Level I/II Analyst.

Knowledge of: (at entry): experience of understanding of host/network CVEs, hacker methodologies and tactics, and the tools used.

Should have an understanding of chain of custody and basic security incident evidence gathering.

A more advanced understanding of and experience in the use of tools such as Trace Route, Visual Route, Ethereal, Nessus.

Knowledge of packet captures, TCP dumps, and the use and function of other commonly used security tools.

An advanced understanding of the TCP/IP protocol suite, TCP/IP headers and packets, the OSI model, and commonly used TCP/UDP ports and associated services.

An advanced understanding of and experience with the monitoring and the analysis of firewall logs, router syslogs, and network/host-based IDS/IPS.

Experience with the tuning of IDS/IPS, firewall ACLs, and rule sets.

An understanding of network engineering and LAN/WAN technologies and topologies.

An understanding of routing protocols, switching, etc.

An understanding of and experience with host platform vulnerability assessment and hardening standards and methodologies.

Skill in: (at entry): Common operating system (OS) and domain structures (Windows 2016, Active Directory, etc.), servers, services, and associated vulnerabilities; Linux, Red Hat, etc.; hosts, operating systems, and applications; previous experience with ticketing systems such as Peregrine, Remedy, etc.; preferably IT security/IA training through such sources as SANS, etc. Ability to obtain IAT II certifications in accordance with DoD 8570.1.

The above information has been designed to indicate the general nature and level of work performed by employees in this classification. It is not designed to contain or to be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of the employee assigned to this job.

Desired Skills

  • Experience using DISA CMRS

  • HBSS Certification and/or training is a plus

  • Experience with ACAS (Tenable Security Center) a plus

  • Enterprise Mission Assurance Support Service (eMASS) experience is a plus

Qualifications / Certifications

  • Bachelor's degree or 4 years IA/CND experience

  • DoD 8570.1 IAM Level III compliant

  • EC Council – CEH Certification

  • Microsoft Certified Solutions Expert, Microsoft Certified IT Professional, or Cisco Certified preferred

Special Requirements

  • Candidates must have an active Secret Clearance with the ability to obtain and maintain a Top Secret/SCI Clearance

  • Willingness to work flexible hours

  • Shift work may be required

  • On Call Status may be required

  • May be required to sign for equipment

  • Weekly Hours: 60

# of Openings:

1

Scheduled Weekly Hours:

40

Telecommuting Options:

Telecommuting Not Allowed

Work Location:

DJI Djibouti (APCDJI)

Additional Work Locations:

CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

THINK NEXT. NOW.

CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.

We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.

Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.

We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.