Computer Network Defense Analyst Job Description
Computer Network Defense Analyst Duties & Responsibilities
To write an effective computer network defense analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included computer network defense analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Computer Network Defense Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Computer Network Defense Analyst
List any licenses or certifications required by the position: III, IAM, CE, IAT, DOD, CSSP, CEH, CISSP, GCIH, GIAC
Education for Computer Network Defense Analyst
Typically a job would require a certain level of education.
Employers hiring for the computer network defense analyst job most commonly prefer their future employee to have a relevant degree, such as a Bachelor's or Master's Degree in Computer Science, Technical, Computer, Education, Electrical Engineering, Information Systems, Cyber Security, Management Information Systems, Technology, or Network Security.
Skills for Computer Network Defense Analyst
Desired skills for computer network defense analyst include:
Desired experience for computer network defense analyst includes:
Computer Network Defense Analyst Examples
Computer Network Defense Analyst Job Description
- Perform computer network defense (CND) incident triage and make recommendations that enable expeditious remediation
- Employ defense-in-depth principles and practices, collect intrusion artifacts and use discovered data to enable mitigation of potential computer network defense (CND) incidents
- Lead a team of Cyber Security Analysts responsible for providing Defense-wide situational awareness and attack sensing and warning through fusion, analysis, and coordinated information flows
- Leads incident response
- Monitors system security and responds to security incidents
- Participates in security systems testing
- Ensures integrity and confidentiality of sensitive data
- Prevents and detects intrusion
- Validates incident containment and remediation recommendations
- Conducts forensic media analysis and log file analysis (to include EnCase)
- Experience in cybersecurity technologies and methodologies
- Must be willing to work shifts in support of 24X7X365 operations
- Requires both DoD 8570 IAT-III and CNDSP Specialty Incident Responder certifications to start work
- Must be willing to obtain and maintain CI Poly
- CNDSP Analyst, or CNDSP Incident Responder, or CNDSP Auditor
- DOD 8570 IAT 2 (Sec+ or equiv
Computer Network Defense Analyst Job Description
- Ensure that all operating systems, software, system hardware, and any other related procedures are being executed properly and are compliant with organizational rules and policies
- Verify the integrity and availability of all the resources of servers, hardware, and other relevant systems and key processes
- Perform event correlation using information gathered from a variety of sources within the customer's IS to gain situational awareness and determine the effectiveness of an observed attack
- Notify CND or appropriate managers, CND incident responders, and other CND-SP team members of suspected CND incidents and articulate the event's history, status, and potential impact for further action
- The Computer Network Defense Analyst (CNDA) is responsible for implementing and enforcing national, DOD (8500.01, 6510, ), and MDA security policies and directives
- The CNDA is responsible for continuous network security monitoring, intrusion detection, and incident response actions to defend the C2BMC component of the Ballistic Missile Defense Communications Network (BMD COMNET) and C2BMC mission systems and services
- The CNDA collects, stores, and presents data and metrics for use by senior leaders in making Operational Risk Management (ORM) decisions on the network security posture, and performs proactive security functions established to assist BMD organizations in deterring, detecting, isolating, containing, and recovering from information system (IS) and network security intrusions and in mitigating known network vulnerabilities
- Monitor critical operational networks and help improve overall system security
- Assist in coordinating and executing improved monitoring and intrusion analysis across mission infrastructure in support of Cybersecurity Operations
- Take over current infrastructure monitoring and intrusion analysis, helping to shape and define future improvements to automated analysis and improve system security posture
- Candidate must have an active DoD Secret security clearance to start
- Bachelor's degree in a relevant technical discipline and 12+ years of overall related experience
- SIEM Tool Experience (ArcSight, Splunk, Wireshark)
- Must have a current/active DOD Secret clearance and the ability to maintain an active DOD clearance
- Per DOD 8570 Compliance, all candidates must have a current/active Security+ CE (Continuing Education) certification
- 5 years of work-related experience with a Bachelor's degree in Engineering, IT, or a related field, or 9 years of work-related experience in lieu of a degree
Computer Network Defense Analyst Job Description
- The CNDA is responsible for continuous network security monitoring, intrusion detection, and incident response actions to defend the C2BMC component of the Ballistic Missile Defense Communications Network (BMD COMNET) and C2BMC
- 2 years of work-related experience with a Bachelor's degree from an accredited college in a related discipline, or 6 years in lieu of a degree
- Must meet DoD 8570 IAT Level II certification requirements (Security+ CE, CSA+, GICSP, GSEC, SSCP, CCNA Security)
- Perform near-real-time network security alerting and problem resolution
- Prioritize remediation efforts using reliable threat intelligence
- Monitor and protect the security of the DCGS from internal and external threats
- Implement the Enterprise Audit Conceptual Framework as defined by Intelligence Community Standard (ICS) 500-27
- Perform all functions of the Computer Network Defense Framework
- Generate a complete list of auditable events for all user activity and then process, format, filter, and share the data
- Provide risk determination recommendations to the Authorizing Official (AO) regarding acceptance or rejection of an Authority to Operate (ATO) or Authority to Test (ATT)
- Must have TS/SCI clearance and must be willing to obtain and maintain CI Poly
- Must have a good understanding of networks at the packet level and be able to analyze packet captures at the expert level
- Must have experience using CND tools such as Enterprise Security Information and Event Management Systems (SIEM), Intrusion Detection and Prevention Systems (IDS, IPS), Web Content Monitoring Systems (Palo Alto), Firewall and Syslog logs
- Must have experience creating content in Splunk to hunt for malicious activity and ability to assist with implementation of countermeasures or mitigating controls
- Requires both DOD 8570 IAT-II and CNDSP Specialty Incident Responder certifications to start work on the task order
- Monitor external data sources (e.g., computer network defense vendor sites, Computer Emergency Response Teams, SANS, Security Focus), update the CND threat condition, and determine which security issues may have an impact on the enterprise
Computer Network Defense Analyst Job Description
- Provide weekly update to the government on current status of cyber readiness
- Provide a robust set of checks and balances to protect against unauthorized network modifications, penetrations, and other threats that might affect mission operations
- Manage antivirus definition files on DCGS Enterprise information systems
- Provide guidance and assistance to other units and agencies responding to security events
- Track and ensure enterprise compliance of Information Assurance Vulnerability Alerts (IAVA), DISA assist bulletins, and Air Force Computer Response Team (AFCERT) notifications and compliance with other governing directives
- Perform and oversee network vulnerability scanning functions IAW governing directives
- Perform security scans, analyze scan results, and document findings for products as required to successfully complete continuous monitoring
- Continuously assess new security related technology and tools for applicability within the customer environment
- Monitor and perform regular security checks looking for indicators of compromise, and actively monitor threat detection infrastructure
- Review system and other related application logs to validate backups are being performed properly and successfully
- Must have experience performing computer programming tasks in Python (can read from and write to a SQL database, can process JSON-formatted data (import/export), can process XML-formatted data (import/export), can read from and write to files on fixed and removable storage, and can programmatically write scripts to collect, filter, and evaluate operating system artifacts and/or network packet captures for threat analysis and signs of intrusion)
- 10 years of experience performing computer network defense (CND) incident triage with a Bachelor's degree in Computer Science or other technical field
- Must have 5+ years of experience in network defense and/or Incident Response and a Bachelor's degree in Computer Science or other technical field
- Discover and characterize network and platform anomalies to include cross domain violations and submit findings to the Reporting Team Lead for analysis and report generation
- Conduct all multi-source threat analyses to examine host behaviors and network traffic for high priority malicious attacks, anomalous traffic, or other incidents of interest, generating and providing reports as appropriate
- Integrate Cyber Threat Intelligence to inform customer on newly discovered threats and vulnerabilities associated with the technologies used in the enterprise for the purpose of developing hunt analytics
Computer Network Defense Analyst Job Description
- Maintain all documentation relevant to the emergency security measures and train the subordinates to create an awareness about the same
- May interface with external entities
- Performing computer network defense (CND) incident triage, to include determining urgency and potential impact
- Identifying the specific vulnerability and making recommendations that enable expeditious remediation; performing initial, forensically sound collection of images and inspecting them to determine mitigation/remediation on enterprise systems
- Performing real-time computer network defense (CND) incident handling (e
- Receiving and analyzing network alerts from various sources within the enterprise, determining possible causes of such alerts, and tracking and documenting computer network defense (CND) incidents from initial detection through final resolution
- Employing defense-in-depth principles and practices, collecting intrusion artifacts (e.g., source code, malware, and Trojans), and using discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise
- Assisting with analysis of actions taken by malicious actors to determine initial infection vectors and to establish a timeline of activity and any data loss associated with incidents
- Customer Support Desk operations: support IA Ops reviews, assessments, exercises, and operations surges
- Anti-virus software support
- Must have ten (10) years of experience in network defense and/or Incident Response and a Bachelor's degree in Computer Science or other technical field, or eight (8) or more years of experience with a Master's Degree
- Examine network topologies to understand data flows through networks and provide mechanisms to tip countermeasures
- Develop, document, and synchronize the recommendations and the tasking of signature and rule sets across all sensors (IDS, FW) used by the customer
- Bachelor’s Degree required plus twelve (12) years of related work experience
- Master’s Degree in Computer Science or IT Engineering or related field of study may be substituted for six years of experience
- Knowing how to string data together, what questions to ask, and what activities will point to a target that we care about