Cyber Network Defense Analyst (CNDA)

NewGen Technologies

Arlington, Virginia

JOB DETAILS
SKILLS
Amazon Web Services (AWS), Analysis Skills, Application Programming Interface (API), Artificial Intelligence (AI), Automation, Bash Scripting, Best Practices, Biometrics, Business Processes, CCSP - Cisco Certified Security Professional, CISSP - Certified Information Systems Security Professional, Cloud Computing, Computer Engineering, Computer Forensics, Computer Hacking, Computer Network Defense (CND), Computer Science, Cyber Investigation, Docker, Documentation, Forensic Science, GCFA - GIAC Certified Forensic Analyst, GCIH - GIAC Certified Incident Handler, GCP (Good Clinical Practices), Government, Homeland Security, Hunting, Hybrid Cloud, Incident Response, Infrastructure as a Service (IaaS), Internet Security, JavaScript, Microsoft Product Family, Microsoft Windows Azure, Network Performance/Analysis, Network Security, Operations Planning, Platform as a Service (PaaS), Problem Solving Skills, Python Programming/Scripting Language, Reporting Skills, Resource Management, Scripting (Scripting Languages), Sensitive Compartmented Information (SCI), Software as a Service (SaaS), Technical Delivery, Technical Support, Telemetry, Top Secret Clearance, United States Citizen, Windows PowerShell
LOCATION
Arlington, Virginia
POSTED
30+ days ago
Our Partner provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. They are seeking Cyber Network Defense Analysts (CNDA) with Cloud Forensics experience to support this critical customer mission. 

Responsibilities
  • Conduct forensic acquisition and analysis from on-premises and cloud platforms (Entra ID/Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration
  • Investigate and respond to incidents and attacks targeting cloud and hybrid identity
  • Correlate cloud control-plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post-compromise privilege escalation
  • Develop and operationalize detection logic and automation using cloud-native tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators
  • Produce technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings; support development of incident response playbooks and procedures for cloud and hybrid environments
  • Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities
  • Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings
Requirements
  • U.S. Citizenship 
  • Active TS/SCI Clearance 
  • Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability 
  • BS in Computer Science, Cybersecurity, Computer Engineering, or related field; OR HS Diploma with 7+ years relevant experience
  • 5+ years of experience in cyber forensic investigations with leading tools and techniques
  • Strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid identity security
  • Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings
  • Knowledge of M365/Azure, hybrid identity, and threats targeting these solutions
  • Knowledge of AWS, IAM, and best practices for cloud identity security
Desired Skills
  • Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection
  • Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats
  • Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker)
  • Certifications: GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS or Microsoft Cloud/Security certifications

About Us
For more than 20 years, NewGen Technologies has solved our clients’ toughest IT challenges with integrity, security, and outstanding service by delivering both technology and talent. We have helped secure borders, have used artificial intelligence (AI) to fight terror, aided the identification of criminals, and have helped to prevent crime through the introduction of biometrics. Our team of Highly Cleared Specialists have hard-to-find skills and expertise in a wide spectrum of technologies to provide solutions that transform business processes and solve problems of national significance. #CJ

About the Company

N

NewGen Technologies

NewGen Technologies specializes in developing and implementing solutions to your IT challenges-especially those involving specialized technologies.

Founded in 1997, NewGen grew quickly and became immediately successful because of our primary commitment to satisfying our customers.

Our formula for success is simple-we deliver high quality products and services. We develop and maintain a staff of highly trained, experienced consultants who devise and execute creative, effective solutions to our clients' IT challenges.

Despite NewGen's rapid growth, we keep our organization agile so we can respond quickly as our customers' needs develop. And we keep our overhead in check so we can offer top-tier talent for reasonable rates.

NewGen Technologies, Inc. is a privately held, minority woman-owned small business incorporated in the state of Maryland.

COMPANY SIZE
100 to 499 employees
INDUSTRY
Computer/IT Services
FOUNDED
1997
WEBSITE
http://www.newgentechnologies.com/