Cyber Network Defense Analyst (CNDA) 4
ARSIEM
About ARSIEM Corporation
At ARSIEM Corporation we are committed to fostering a proven and trusted partnership with our government clients. We provide support to multiple agencies across the United States Government. ARSIEM has an experienced workforce of qualified professionals committed to providing the best possible support.
As demand increases, ARSIEM continues to provide reliable and cutting-edge technical solutions at the best value to our clients. That means a career packed with opportunities to grow and the ability to have an impact on every client you work with.
ARSIEM is looking for a Cyber Network Defense Analyst 4. This position will support one of our Government clients in Arlington, VA.ResponsibilitiesAcquire/collect computer artifacts and logs in support of onsite and remote engagementsTriage electronic devices and assess evidentiary valueCorrelate forensic findings to network events in support of developing an intrusion narrativeCollect and document system state information (e.g., running processes, network connections) prior to imaging, as requiredPerform forensic triage of an incident to include determining scope, urgency, and potential impactTrack and document forensic analysis from initial participation through resolutionCollect, process, preserve, analyze, and present computer-related evidenceCoordinate with Government staff and customer personnel to validate/investigate alerts or additional preliminary findingsConduct analysis of forensic images and available evidence in support of forensic write-ups for inclusion in reports and written productsSupport cloud development and automation projects to enhance threat emulation capabilitiesAssist to document Computer Network Defense (CND) guidance and create reports pertaining to incident findingsMinimum QualificationsBS Computer Science, Cybersecurity, Computer Engineering, or related degree; or HS Diploma & 4-6 years of host or digital forensics experience.10+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic toolsIn-depth understanding of SaaS, PaaS, and IaaS in the Cloud EnvironmentAbility to create forensically sound duplicates of evidence (forensic images)Ability to author cyber investigative reports documenting digital forensics findingsProficiency in analysis and characterization of cyber attacksKnowledge of cloud development and automation tools such as Terraform, Kubernetes, AWS CloudFormation, Azure Resource Manager, and Docker.Skilled in identifying different classes of attacks and attack stagesUnderstanding of system and application security threats and vulnerabilitiesUnderstanding of proactive analysis of systems and networks, including creating trust levels of critical resourcesPreferred QualificationsKnowledge of strategies/architectures involved in implementing M365/Azure authentication, how these relate to a federated identity solution and a fundamental understanding of how threat actors would target identity to compromise an environmentAdvanced experience and proficiency across various aspects of IT operations (e.g., networking, virtualization, identity, security, business continuity, disaster recovery, data management, and governance)Experience and understanding in acquisition, processing, and analysis of digital evidence from onsite enterprises and cloud-native platformsFundamental understanding of APIs and proficiency with PowerShell/PowerShell modules leveraged to conduct API queries as they relate to Azure/M365Proficiency with scripting languages (e.g., Bash, Python, PowerShell, JS) for automation of hunt tools used in commercial cloud environmentsAbility to develop tools, architecture and configurations in Azure environment to support identifying threat actor activity.Understanding of how Azure/M365 platform protection is implemented and security operations availableOne or more of the following certifications: GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS certifications, Microsoft Azure associated certifications.Clearance Requirement: This position requires an Active TS/SCI clearance and the ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability. Candidate Referral: Do you know someone who would be GREAT at this role? If you do, ARSIEM has a way for you to earn a bonus through our referral program for persons presenting NEW (not in our resume database) candidates who are successfully placed on one of our projects. The bonus for this position is 5,000, and the referrer is eligible to receive the sum for any applicant we place within 12 months of referral. The bonus is paid after the referred employee reaches 6 months of employment.
ARSIEM is proud to be an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
At ARSIEM Corporation we are committed to fostering a proven and trusted partnership with our government clients. We provide support to multiple agencies across the United States Government. ARSIEM has an experienced workforce of qualified professionals committed to providing the best possible support.
As demand increases, ARSIEM continues to provide reliable and cutting-edge technical solutions at the best value to our clients. That means a career packed with opportunities to grow and the ability to have an impact on every client you work with.
ARSIEM is looking for a Cyber Network Defense Analyst 4. This position will support one of our Government clients in Arlington, VA.ResponsibilitiesAcquire/collect computer artifacts and logs in support of onsite and remote engagementsTriage electronic devices and assess evidentiary valueCorrelate forensic findings to network events in support of developing an intrusion narrativeCollect and document system state information (e.g., running processes, network connections) prior to imaging, as requiredPerform forensic triage of an incident to include determining scope, urgency, and potential impactTrack and document forensic analysis from initial participation through resolutionCollect, process, preserve, analyze, and present computer-related evidenceCoordinate with Government staff and customer personnel to validate/investigate alerts or additional preliminary findingsConduct analysis of forensic images and available evidence in support of forensic write-ups for inclusion in reports and written productsSupport cloud development and automation projects to enhance threat emulation capabilitiesAssist to document Computer Network Defense (CND) guidance and create reports pertaining to incident findingsMinimum QualificationsBS Computer Science, Cybersecurity, Computer Engineering, or related degree; or HS Diploma & 4-6 years of host or digital forensics experience.10+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic toolsIn-depth understanding of SaaS, PaaS, and IaaS in the Cloud EnvironmentAbility to create forensically sound duplicates of evidence (forensic images)Ability to author cyber investigative reports documenting digital forensics findingsProficiency in analysis and characterization of cyber attacksKnowledge of cloud development and automation tools such as Terraform, Kubernetes, AWS CloudFormation, Azure Resource Manager, and Docker.Skilled in identifying different classes of attacks and attack stagesUnderstanding of system and application security threats and vulnerabilitiesUnderstanding of proactive analysis of systems and networks, including creating trust levels of critical resourcesPreferred QualificationsKnowledge of strategies/architectures involved in implementing M365/Azure authentication, how these relate to a federated identity solution and a fundamental understanding of how threat actors would target identity to compromise an environmentAdvanced experience and proficiency across various aspects of IT operations (e.g., networking, virtualization, identity, security, business continuity, disaster recovery, data management, and governance)Experience and understanding in acquisition, processing, and analysis of digital evidence from onsite enterprises and cloud-native platformsFundamental understanding of APIs and proficiency with PowerShell/PowerShell modules leveraged to conduct API queries as they relate to Azure/M365Proficiency with scripting languages (e.g., Bash, Python, PowerShell, JS) for automation of hunt tools used in commercial cloud environmentsAbility to develop tools, architecture and configurations in Azure environment to support identifying threat actor activity.Understanding of how Azure/M365 platform protection is implemented and security operations availableOne or more of the following certifications: GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS certifications, Microsoft Azure associated certifications.Clearance Requirement: This position requires an Active TS/SCI clearance and the ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability. Candidate Referral: Do you know someone who would be GREAT at this role? If you do, ARSIEM has a way for you to earn a bonus through our referral program for persons presenting NEW (not in our resume database) candidates who are successfully placed on one of our projects. The bonus for this position is 5,000, and the referrer is eligible to receive the sum for any applicant we place within 12 months of referral. The bonus is paid after the referred employee reaches 6 months of employment.
ARSIEM is proud to be an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
Confirm your E-mail: Send Email
All Jobs from ARSIEM