PENTCIRT Senior Incident Handling Analyst

advertisement
Seeking a PENTCIRT Senior Incident Handling Analyst to work at the Pentagon in support of
the Information Technology Agency. This is a key position so analyst must work onsite and
position is day shift.
Summary:
The PENTCIRT Senor Incident Analyst shall serve as a technical subject matter expert for the
operations and execution of incident response activities.
The following experience is mandatory, for the PENTCIRT Senor Incident Analyst:
• Knowledge of industry accepted standards and best practices related to incident response
operations.
• Demonstrated excellence in analytical and problem solving skills related to network, system,
forensic and malware analysis.
• Experience with security technologies including Intrusion Detection & Prevention Systems
(IDS/IPS), Firewalls & Log Analysis, SEIM, Network Behavior Analysis tools, Antivirus, and
Network Packet Analyzers, Security Systems Manager, malware analysis and forensics tools.
• Demonstrates knowledge in information technologies to include computer hardware and
software, operating systems, and networking protocols
• Knowledge of hacker tactics, techniques and procedures (TTP).
PENTCIRT provides Computer Network Defense (CND) services to monitor, analyze, detect,
and respond to unauthorized activity within Pentagon Information Technology Services (ITS)
information systems and computer networks.
PENTCIRT CND Respond services includes the actions taken to report, analyze, coordinate, and
respond to any event or computer security incident for the purpose of mitigating any adverse
operational or technical impact. Incident Response includes the coordinated development and
implementation of courses of action (COAs) that focus on containment, eradication, and
recovery. At the same time, it ensures the acquisition and preservation of data required for
tactical analysis, strategic analysis, and/or LE investigations.
• An Active DoD Security Clearance is required prior to beginning employment.
• DoD 8570 Certification is required (Security +, CISSP and/or CEH)
Download