Responsibilities:
Assist with engineering and configuring information systems (ISs) to enable Computer Network Defense (CND) protection activities for servers, firewalls, and routers.
Assist with developing and executing processes and procedures for protecting, monitoring, detecting, analyzing, and responding to unauthorized actions in cyberspace.
Execute network defense steps, such as configuring and deploying firewalls and intrusion detection systems and modifying systems to protect them against current threats.
Analyze network traffic for signs of attack, perform risk assessments, and develop plans for responding to attacks.
Perform initial observation of near-real-time sensor feeds/alerts and other primary sources to identify security-related events of interest for evaluation and to determine priorities for further action.
Efficiently and accurately determine whether a given event or other initiating information is a false positive, a routine security event with defined containment/remediation, or a significant security event requiring escalation.
Analyze malicious activity to determine weaknesses, exploitation methods, and effects.
Conduct research, analysis, and correlation across all source data sets (indications and warnings) to ensure survivability and accessibility.
Recommend appropriate courses of action in response to anomalous network activity.
Recommend tactics, techniques, and procedures (TTPs) for intrusion sets.
Examine network topologies to understand data flows through the network.
Identify the applications and operating systems of a network device based on its network traffic.
Identify network mapping and operating system (OS) fingerprinting activities.
Perform CND trend analysis and reporting.
Provide daily summary reports of network events and activity relevant to CND.
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
Receive and analyze network alerts from various sources within the enterprise.
The contractor shall recommend computing environment vulnerability corrections.
Reconstruct attacks using activity based on network traffic flows, packet captures, and security device logs (IDS/IPS, HIDS/HIPS, and firewalls) to analyze attack scenarios.
Use CND tools for initial monitoring and analysis to identify malicious activity.
Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.
Monitor networks for cross-domain violations, and provide logs and alerts for forensic examination.
Years of Experience:
3-5 years of experience in the cyber field.
Must obtain PMP certification within 1 year of award; IAT Level III certification required.
Full benefits are offered.
Bravura is a rapidly growing Woman Owned Small Business (WOSB) that provides professional and engineering services, technology solutions, and product offerings to DoD and Federal Civilian agencies. Bravura is an Equal Opportunity Employer. Bravura does not discriminate against employees or applicants for employment on any legally recognized basis (protected class), including, but not limited to: veteran status, uniformed service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information, or any other protected class under federal, state, or local law. These positions require U.S. citizenship.