Counter Access Analyst III

Abacus Technology is seeking a Counter Access Analyst to provide technical support for the AFCENT Network Operations and Security Center (NOSC) at Shaw AFB.  This is a full-time position.

• Build tactical and strategic network profiles for specific systems and complete network architecture.
• Utilize network intrusion devices and available cyber defense infrastructure, including but not limited to, Endpoint Security Systems, Intrusion Detection and Prevention Systems (IDS/IPS), proxy security appliances, forensics tools, and other security agents to minimize threats to AFCENT Networks.
• Assist with analyst training in advanced traffic analysis, incident response, and cyber hunt activities.
• Proactively conduct cyber hunt activities, search through systems and networks to detect advanced threats and monitor network traffic to determine system vulnerabilities and required fixes; apply established network security procedures, log and make recommendations for correcting network security incidents; and coordinate the escalation of security issues requiring detailed analysis to Cybersecurity Analysts.
• Proactively analyze AFCENT network IDS and IPS for evidence of malicious cyber activity and conduct defensive cyber operation (DCO) missions to eliminate identified threats.
• Conduct threat emulation testing and develop and deploy advanced threat mitigation strategies in response to test results.
• Develop and deploy countermeasures (to include IDS/IPS signature developments and correlation rule sets) to isolate, contain and prevent intrusive activities and secure AFCENT/CENTCOM networks.
• Conduct network and computer forensics on suspected and confirmed compromised systems to determine the method of intrusion and corrective actions to be taken to prevent or detect similar future activities.
• Conduct thorough forensic investigations on security incidents, including data breaches and system compromises.
• Collect, preserve, and analyze digital evidence following established procedures to support incident investigations.
• Perform network traffic and host analysis to evaluate intruder activities using host and network-based monitoring system.
• Coordinate with other Counter Access Team (CAT) and Vulnerability Management (VM) team to ensure latest known vulnerabilities are properly identified and corrected.
• Monitor network traffic to determine system vulnerabilities and required fixes; apply established network security procedures, logs and makes recommendation for correcting network security incidents; and coordinate the escalation of security issues requiring detailed analysis to Security Analyst.
• Utilize network intrusion and available cyber defense infrastructure, including but not limited to, Endpoint Security Systems, IDS/IPS, proxy security appliances, forensics tools, and other security agents to minimize threats to AFCENT networks.
• Examine logs and information gained from network sniffers or protocol analyzers to determine if possible unauthorized access has occurred.
• Identify, track and record suspected intrusion or actual security breach; and detail analyses in written reports for legal use.

5+ years experience in network and cyber security.  Bachelor’s degree in a related field.  Additional years of experience may be substituted for degree requirements.  Must be Security+ certified.  Must be Network+ or CCNA certified.  Must hold the ITIL v5 Foundations certification or be able to obtain the certification within 60 days of hire.  Must have firewall experience.  Experience with intrusion detection and vulnerability assessments.  Networking experience including routers and switches.  Able to maintain current knowledge on new vulnerabilities and exploits, malware behavior and propagation characteristics, and anti-virus tools.  Must be detail oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality.  Strong analytical and communication skills.  Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team.  Must be a US citizen and hold a current Secret clearance.

Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

EOE/M/F/Vet/Disabled