CND/Incident Response Analyst

Required Qualifications & Experience

• Active TS/SCI security clearance. Some positions may require a CI polygraph.
• BS Degree in Computer Science.
• 10 years of recent work experience in incident response.
• IAM Level III certification.
• Experience performing computer network defense (CND) incident triage.
• Experience identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
• Experience performing initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
• Experience performing realtime computer network defense (CND) incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
• Experience analyzing network alerts from various sources within the enterprise and determine possible causes of such alerts.
• Experience tracking and documenting computer network defense (CND) incidents from initial detection through final resolution.
• Experience employing approved defenseindepth principles and practices (e.g., defenseinmultiple places, layered defenses, security robustness), collect intrusion artifacts (e.g., source code, malware, and trojans) and use discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise.