Computer Network Defense & Incident Response Analyst - Mid to Senior L
Location: Pearl City
Posted on: February 24, 2021
The candidate will identify, isolate, investigate, inform, and
implement measures to detect and protect data across a wide
spectrum of sources and locations. The candidate is required to
validate suspicious events or reports and determine if the event
constitutes an incident. The candidate will ensure incidents are
properly entered into the appropriate reporting system and
determine the severity of the incident. Reporting and response
measures will be taken immediately in order to satisfy the Chairman
of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B reporting
- Maintains familiarity with CJCSM 6510.01B.
- Compiles and maintains internal standard operating procedure
- Ensures associated documentation and capabilities remain
compliant with CJCSM 6510.01B and other applicable policy
- Provides network intrusion detection and monitoring,
correlation analysis, incident response and support for the
Cybersecurity Service Provider (CSSP) and its subscriber
- Validates suspicious events or reports and determine if the
event constitutes an incident and properly enter associated data
into the appropriate reporting systems.
- Coordinates with USCYBERCOM and supported entities regarding
significant incidents to ensure proper analysis is performed and
timely and accurate reporting of the incident is completed.
- Provides 24x7 support for the CSSP's Incident Response
capability during non-core business hours consistent with CSSP
requirements as needed.
- Performs network and host-based digital forensics on Microsoft
Windows based systems and other operating systems as necessary to
enhance response to, support of, and investigation into significant
- Possesses working knowledge of full packet capture PCAP
analysis and accompanying tools (Wireshark, etc.).
- Explores patterns in network and system activity via log
correlation using Splunk and supplemental tools.
- Possesses understanding of IDS/IPS solutions to include
signature development and implementation.
- Participates in program reviews, product evaluations, and
onsite certification evaluations.
- Experience with Incident Response Procedures.
- Experience with Packet Analysis using tools such as Wireshark,
TCPDump, TShark, or similar as it applies to cyber incident
- Experience interpreting IDS/IPS log output.
- Ability to explain the difference between data contained within
Windows Event logs and Sysmon logs.
- Experience with Log Aggregation Tools such as Splunk, Elastic,
Highly Desired Skills
- Knowledge of CJCSM 6510.01B.
- Ability to write/edit IDS/IPS signatures for enhanced
- Experience using EDR products for Cyber Incident Response.
- Knowledge of Digital Forensics.
- The ability to solve problems independently.
- 2-8+ years' experience in Cybersecurity Service Provider (CSSP)
environment or similar.
- DoD or DoN Cybersecurity Workforce (CSWF) Certification or
compliance (DoDD 8140 or SECNAV M-5239).
- Bachelor OR Graduate degree from accredited
university/technical college in Cybersecurity, Computer Science,
Information Systems, or other related scientific or technical
- DoDD 8140 CSSP Incident Responder or Analyst Category
- Approved Military Training Courses
- Authorized to view alerts for IDS/IPS
- Authorized to view Audit Records on Central Log Server
- Due to the nature of the work required, operations are
conducted 24/7/365 with three primary shifts. Choice of shifts will
be made available with the understanding that placement is at the
discretion of the CSSP Services Director and/or assigned
- Long Term Disability
- Basic Life Insurance
- Basic Accidental Death & Dismemberment Insurance
- Direct Payroll Deposit
- Leave Accrual
- Short Term Disability
- Additional (Voluntary) Life Insurance
- Additional (Voluntary) AD&D Insurance
- Medical Coverage
- Dental Coverage
- Vision Care Plan
- Flexible Spending Account Plan
- Online Training
- AFLAC Supplementary Insurances
Core4ce is an Equal Opportunity Employer. Core4ce does not
discriminate on the basis of race, religion, color, sex, gender
identity, sexual orientation, age, non-disqualifying physical or
mental disability, national origin, veteran status or any other
basis covered by appropriate law. All employment is decided on the
basis of qualifications, merit, and business need.
Core4ce provides equal employment opportunities (EEO) to all
employees and applicants for employment without regard to race,
color, religion, sex, national origin, age, disability or genetics.
In addition to federal law requirements, Core4ce complies with
applicable state and local laws governing nondiscrimination in
employment in every location in which the company has facilities.
This policy applies to all terms and conditions of employment,
including recruiting, hiring, placement, promotion, termination,
layoff, recall, transfer, leaves of absence, compensation and
Core4ce expressly prohibits any form of workplace harassment based
on race, color, religion, gender, sexual orientation, gender
identity or expression, national origin, age, genetic information,
disability, or veteran status. Improper interference with the
ability of Core4ce's employees to perform their job duties may
result in discipline up to and including discharge.
Keywords: SPINVI, Honolulu , Computer Network Defense & Incident Response Analyst - Mid to Senior L, IT / Software / Systems , Pearl City, Hawaii
Didn't find what you're looking for? Search again!