Annapolis Junction, Maryland, United States•Annapolis JunctionMarylandUnited StatesNorth America•May 18, 2024
Uses information collected from a variety of sources to monitor network activity and analyze it for evidence of anomalous behavior. Identifies, triages, and reports events that occur in order to protect data, information systems, and infrastructure. Finds trends, patterns, or anomaly correlations utilizing security-relevant data. Recommends proactive security measures. Conducts analysis to isolate indicators of compromise. Notify designated managers, cyber incident responders, and cybersecurity service provider team member of suspected cyber incidents and articulate the event’s history, status, and potential impact for further action in accordance with the organization’s cyber incident response plan.
**This position has a Panama Schedule/2-2-3**
Requirements
Four (4) years of demonstrated experience as CDA in projects of similar scope, type, and complexity required.
A technical bachelor's degree from an accredited college or university may be substituted for two (2) years of CDA experience on projects of similar scope, type, and complexity.
One (1) year of demonstrated and practical experience in TCP/IP fundamentals.
One (1) year of demonstrated experience with network traffic analysis tools such as Bricata, TCPDump or Wireshark.
Two (2) years of demonstrated experience using security information and event management suites (such as Splunk, ArcSight, Kibana, LogRhythm).
Two (2) years of demonstrated experience in network analysis and threat analysis software utilization.
Two (2) years of demonstrated experience maintaining or managing Cloud environments such as Microsoft Azure, Amazon Web Services (AWS), using tools like Microsoft Sentinel.
Benefits