Related skills
linux windows splunk tcp/ip dns
Description
- Assist government lead in coordinating teams in preliminary incident response investigations
- Interface with the customer on-site
- Determine actions in response to anomalous network activity
- Assess network topology and device configurations; provide security recommendations
- Collect network intrusion artifacts (PCAP, domains, URIs, certs) for mitigation
- Analyze malicious network activity to identify weaknesses and methods
Requirements
- BS in CS/Cyber Security/Computer Engineering; or HS Diploma with 4-6 yrs network investigations
- 2+ years directly relevant network investigations experience
- In-depth knowledge of CND policies, procedures, and regulations
- In-depth knowledge of TCP/IP protocols
- In-depth knowledge of ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS
- In-depth WiFi networking and network topologies (DMZs, WANs)
- Substantial knowledge of Splunk or other SIEMs
- Understanding MITRE ATT&CK and defense-in-depth concepts; able to work across locations
Benefits
- Active TS/SCI clearance and ability to obtain DHS EOD suitability
- Referral bonus up to $3,500 for new candidate referrals
- ARSIEM is an Equal Opportunity Employer