Network Intrusion Specialist

  • Booz Allen Hamilton
  • Fort Meade, MD, USA
  • Mar 26, 2020
  • Full time
  • Network Security Admin/Operations

Job Description

Key Role:

Apply expertise with network security principles and technologies to analyze Packet Capture (PCAP), Netflow, Firewall, and intrusion detection system (IDS) alerts, and system logs in support of investigations and operations. Leverage open-source tools to analyze common network traffic, including HTTP, DNS, FTP, and various Web application protocols to detect anomalies. Analyze anomalies by using knowledge of network security devices, including firewalls, IDS, Intrusion Prevention System (IPS), and proxy and Web service security configurations to detect common exploits, indicators of compromise, and attack patterns and provide detailed documentation of findings.

Basic Qualifications:
  • 3+ years of experience with conducting PCAP analysis
  • 2+ years of experience with using TCPDUMP
  • Experience with Linux and open source tools
  • TS/SCI clearance
  • BA or BS degree, or 4+ years of professional work experience in an intelligence analysis role in lieu of a degree
  • One or more of the following certifications: Certified Ethical Hacker (CEH), Security+, Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), or GIAC Certified Forensic Analyst (GCFA)

Additional Qualifications:
  • Experience with data management
  • Experience with using Splunk
  • Experience with Linux scripting and command-line tools, including awk, cut, or grep
  • Experience with coding in at least one programming language, such as Python or PHP
  • EnCase Certified Forensic Examiner (EnCE), EnCase Certified eDiscovery Practitioner (EnCEP), Certified Forensic Security Responder (CFSR), GIAC Reverse Engineering Malware (GREM), Certified Reverse Engineering Analyst (CREA), Wireshark Certified Network Analyst (WCNA), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), or Network+ Certification preferred

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We're an EOE that empowers our people, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic, to fearlessly drive change.

Security Clearance

Top Secret