NetSage's mission is to help our customers achieve their missions by providing superior cyber services. We seek talented professionals who are interested in doing meaningful, mission-focused work for the US Federal Government. We are a growing company that puts our employees first and offers excellent pay and world-class benefits. We do not hire contract by contract; instead, we offer multiple job options and career progression for our employees. We realize that our website and job descriptions may be a little vague, and that's on purpose because of the customers we support. Please connect with us using our Contact Us page if you have any questions about any of our job openings.
NetSage is hiring a computer and network security analyst to join a team of Threat Hunters supporting a 24x7 security operations center for the Federal Government. The Analyst will monitor a wide variety of commercial security solutions including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Firewalls, Virtual Private Networks, Web Content Filtering and Protection, Enterprise Antivirus, and more to detect and investigate virus infections and intrusions. The Analyst will also initiate and manage security incidents for a nationwide 100,000+ node network. Additional responsibilities include vulnerability analysis and assessment and enterprise vulnerability management. Please consider applying if you have the required qualifications and experience.
- U.S. citizenship.
- A Public Trust clearance or the ability to obtain a clearance.
- Currently reside in, or within commuting distance of, New Carrollton, MD.
- A B.S. in Computer Information Systems, Cybersecurity, Computer Science, or a related STEM degree is strongly preferred.
- Minimum of eight (8) years of experience performing network security analysis (previous CSIRT experience is strongly preferred) utilizing the following skills:
- Advanced understanding of TCP/IP and application layer protocols.
- Ability to analyze network packet captures using various toolsets such as tcpdump and Wireshark.
- Scripting skills utilizing Perl, Python, and/or Bash.
- Advanced understanding of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Experience developing new IDS/IPS signatures based on observed and analyzed threats is a plus.
- Intermediate to advanced malicious code analysis capabilities. Ability to follow malicious code exposure events through the analysis of network, IDS, and system logs; determine the success, failure, and impact of the exposure (using sandboxing tools or rudimentary binary analysis of malicious objects); and execute remediation and recovery response actions.
- Demonstrable understanding of computer incident response procedures (proper collection, investigation, documentation, validation, and internal escalation). Ability to understand how to correctly document, triage, and respond in a timely manner to affected stakeholders during daily analysis and response duties.
- Strong understanding of system and network exploitation, attack, and intrusion techniques.
- Experience analyzing security events in Microsoft 365 (formerly Office 365), Azure, and/or Amazon Web Services (AWS) is strongly preferred, as are security-related certifications in M365/Azure and/or AWS.
- Ability to draw upon expertise and think independently to detect and assess computer and network threats and determine appropriate remediation actions.
- Advanced written and oral communication skills.