Mar 12, 2018
Baltimore, MD
Network Cyber Engineer (060)
Location: Linthicum, MD
Language: Mandarin
Clearance: TS/SCI CI Poly preferred - Not Necessary to start
Certifications Desired: CISSP, CEH, Security+, SANS Certification(s), Network+, CCNA
SKILLS
• 10-14 years BS Information Technology, Information Security, Computer Science, Intelligence Studies, Cyber Security, 3+ years Cyber threat intelligence analysis.
• Network Communication, TCP/IP protocols, System Administration, malware communication, installation, types
• Good background in computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection, Domain Name Service records.
• Cyber Threat Intelligence principles, indicator of compromise (IOC) types, indicator pivoting, indicator attribution strength.
• Understanding of the US Intel Community and how cyber intelligence organizations work when conducting cyber threat analysis
• Performing NETFLOW and PCAP analysis using common analysis tools (Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc.).
• Proficient in sessionizing PCAP data, identifying and decoding protocols, extracting files, applying standard filters, Berkeley Packet Filter (BPF).
• Report writing - Writing sample and editing test required if candidate has no prior published intelligence analysis reporting
• Apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, apply attribution to cyber threat activity.
• Make confidence-based assessments for attribution based on technical analysis of network traffic, multi-source data, malware and system forensic analysis; identify analytic bias.
• Build intrusion data visualizations, perform analysis (I2 Analyst Notebook, Netviz, Palantir, etc.)
• Present technical information and analysis to groups of up to 50 persons on a quarterly basis, brief smaller groups of up to 10 persons on a weekly basis.
• Self-starter, ability to engage and develop relationships with intrusion set SMEs and analyst counterparts across the US Intel and Law Enforcement communities
Desired Skills:
• Chinese Mandarin language, ILR 3/3 level (equivalent certified language training) with a test date in the last 3 years
• Formal training as Intel Analyst, i.e., graduate of a US Govt intelligence analysis course: CAC, IBC, Kent School, IC 101, Analysis 101, Army, Navy, Air Force, etc.
• Applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity
• AN Certification as CISSP, CEH, Security+, SANS certification(s), Network+, CCNA
• Advanced NETFLOW and PCAP Analysis
• Advanced Data Visualization proficiency leveraging COTS/GOTS tools
• Technical Skills: Python language, encryption technologies/standards
• Intermediate malware analysis or digital computer forensics experience
• Cyber related Law Enforcement or Counterintelligence experience
• SME of Advanced Persistent Threat activity
• COTS/Open Source tools: Novetta Cyber Analytics, Mitre ChopShop and/or ARL DSHELL
• Analyst experience in Federal Cyber Center, NSA, or Corporate CIRT