Network Based Systems Analyst II

ARSIEM Corporation is looking for a Cyber Network Defense Analyst (CNDA) to monitor network activity and analyze it for evidence of suspicious behavior.

Requirements

• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Coordinate with enterprise-wide cyber defense staff to validate network alerts.
• Document and escalate incidents that may cause ongoing and immediate impact on the environment
• Perform cyber defense trend analysis and reporting
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
• Provide daily summary reports of network events and activity relevant to cyber defense practices
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of alerts
• Provide timely detection, identification, and alerting of attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
• Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on the system, and information
• Identify and analyze anomalies in network traffic using metadata
• Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
• Identify applications and operating systems of a network device based on network traffic
• Reconstruct a malicious attack or activity based on network traffic
• Identify network mapping and operating system (OS) fingerprinting activities
• Assist in the construction of signatures that can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave