Network Security Specialist

McLean, Virginia
Apr 03, 2019
May 09, 2019
Full Time
AboutWeb, LLC is looking for Network Security Specialists.

The Network Security Specialist will perfomr the following functions:
  • Perform analysis of log files from a variety of sources (e.g., network traffic logs, firewall logs, intrusion detection system logs, Domain Name System (DNS) logs) to identify possible threats to network security.
  • Collect network intrusion artifacts (e.g., domains, Uniform Resource Identifiers (URIs), certificates, etc.) and use discovered data to enable mitigation of potential CND hunts and incidents.
  • Analyze identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information.
  • Identify and document network based tactics, techniques, and procedures used by an attacker to gain unauthorized system access.
  • Track and document CND incidents from initial detection through final resolution.
  • Perform real-time CND Incident Handling (i.e. forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable incident response teams.
  • Create and disseminate technical reports in response to conducted analysis.
  • Write and publish CND guidance and reports (e.g. engagement reports) on incident findings to appropriate constituencies.
  • Assist with developing and maintaining SOPs.
  • Participate in inter-agency sponsored community of interest analysis groups, participate in technical briefings and exchanges.
  • Serve as technical expert and liaison to leadership, NCCIC, the IC, and law enforcement personnel explaining incident details as required.
  • Manual review network device configurations for suspicious configurations or signs of compromise.
  • Assess network topology and device configurations identifying critical security concerns and providing security best practice recommendations
  • Collect network device integrity data, utilizing specialized tools, to detect unauthorized access (login access, configuration changes, interface changes, physical access, unscheduled reboots, blocked attempts, downgraded encryption, etc.).
  • Collect network device integrity data, utilizing specialized tools, to detect software modifications (file verification, online/offline hash, published hashed, memory verification, firmware verification, rootkit detection).
  • Collect network device integrity data, utilizing specialized tools, to detect hardware modifications (operating statistics, network traffic analysis).
  • Support network device integrity analysis on multi-vendor products (e.g. Cisco, Juniper, Client, Dell, etc.).
  • Divert/deploy teams of contractor resources to provide on-site support and assistance in the event of an exercise or cyber incident.

Similar jobs