Network Forensics Cybersecurity Analyst / Network Based Systems Analyst

　　Location: Arlington, VA

　　Must have Top Secret Clearance

　　Node provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks and advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities. Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans.

　　Node is seeking Network Forensics Cybersecurity Analysts to support this critical customer mission.

　　Responsibilities:

　　Assists the Government lead in coordinating teams in preliminary incident response investigations

　　Assists the Government lead with interfacing with the customer while on-site

　　Determines appropriate courses of action in response to identified and analyses anomalous network activity

　　Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations

　　Assists with the writing and publishing of Computer Network Defense guidance and reports on incident findings to appropriate constituencies

　　Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents

　　Analyzes identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information

　　Assists with real-time CND incident handling (i.e., forensic collections, intrusion correlation, and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements

　　Provide technical briefings as required

　　Requirements

　　Required Skills:

　　U.S. Citizenship

　　Must have an active TS/SCI clearance

　　Must be able to obtain DHS Suitability

　　8+ years of directly relevant experience in network investigations

　　In-depth knowledge of CND policies, procedures, and regulations

　　In-depth knowledge of standard protocols – ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, TCP/IP

　　In-depth knowledge and experience of Wifi networking

　　In-depth knowledge and experience of network topologies - DMZs, WANs, etc.

　　Substantial knowledge of Splunk (or other SIEM’s)

　　Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)

　　Knowledge of Computer Network Defense policies, procedures, and regulations

　　Knowledge of defense-in-depth principles and general attack stages with respect to network security architecture

　　Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources

　　Ability to identify and analyze anomalies in network traffic using metadata

　　Experience with reconstructing a malicious attack or activity based on network traffic

　　Experience examining network topologies to understand data flows through the network

　　Must be able to work collaboratively across physical locations

　　Desired Skills:

　　Substantial knowledge of network device integrity concepts and methodologies

　　Proficiency with network analysis software (e.g. Wireshark)

　　Proficiency with carving and extracting information from PCAP data

　　Proficiency with non-traditional network traffic (e.g. Command and Control)

　　Proficiency with preserving evidence integrity according to standard operating procedures or national standards

　　Proficiency with virtualized environments

　　Required Education:

　　BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10+ years of network investigations experience.

　　Desired Certifications:

　　DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst, GCIA, GCIH, CSSP Analyst/CSSP Incident Responder, CEH

　　SANS GIAC GNFA preferred

　　Company Overview:

　　Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.

　　Our Core Values help us in our mission. They include:

　　OUR CORE VALUES

　　Identifying theRIGHT PEOPLEand developing them to their full capabilities

　　Our customer’s “Mission” is our “Mission”. OurMISSION FIRSTapproach is designed to keep our customers fully engaged while becoming their trusted partner

　　We believe inSIMPLIFYINGcomplex problems with a relentless focus on agile delivery excellence

　　Our mantra is “SimpleSecureSpeed” in the delivery of innovative services and solutions

　　Benefits

　　We are proud to offer competitive compensation and benefits packages to include:

　　Medical

　　Dental

　　Vision

　　Basic Life

　　Long-Term Disability

　　Health Saving Account

　　401K

　　Three weeks of PTO

　　10 Paid Holidays

　　Pre-Approved Online Training