Network Defense Analyst/ Vulnerability Analyst (Government)
The position supports a national security focused customer, providing systems security services administration to ensure the confidentiality, integrity, and availability of national security systems. The position requires traditional systems administration skills such as installing, updating, troubleshooting, and maintaining systems, with the addition of security administration such as applying application and operating system hardening techniques to servers, workstations, virtual machines, and network components; conducting vulnerability scans using a combination of COTS and GOTS toolkits; and assessing the level of risk and developing and/or recommending appropriate mitigation.
The Systems Security Administrator responsibilities include, but are not limited to:
- Installs, configures, troubleshoots, and maintains servers, workstations, network appliances and systems configurations (hardware and software) to ensure their confidentiality, integrity, and availability and administers system accounts.
- Conducts threat and vulnerability assessments of systems and networks within the enclave and determines deviations from acceptable configurations or policies.
- Assesses the level of risk and develops and/or recommends appropriate mitigation countermeasures.
- Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Provide ongoing optimization and problem solving support.
- Oversee installation, implementation, configuration, and support of system components.
- Manage accounts, network rights, and access to systems and equipment.
- Maintain baseline system security according to organizational policies.
- Comply with organization systems administration standard operating procedures.
- Develop and document systems administration standard operating procedures.
- Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.
- Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
High School required
- Navy IT training and 4+ years of experience with information assurance (IA) required
- DOD IAM-III certification required within 6 months of appointment IAW DOD 8570.01-M, experience with DoD security management and security engineering policy guidance and directives.
- Work is of an independent nature, requiring minimal supervision and not normally reviewed for accuracy; requires knowledge of procedures and regulations pertaining to safeguarding classified material.
- Working skill with UNIX, LINUX, Windows and CISCO operating environments and various software applications.
- Skill in basic system administration, network, and operating system hardening techniques.
- Skill in using network analysis tools to identify vulnerabilities.
- Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
- Working skill with DISA Information Assurance Support Environment (IASE), Secure Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guide (STIG).
- Conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
- Knowledge of network protocols (e.g., Transmission Control Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]), and directory services (e.g., Domain Name System [DNS]).
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- Knowledge of cryptography and cryptographic key management concepts.
- Skill in assessing the application of cryptographic standards.
- Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).
- Knowledge & experience with scanning tools
- Knowledge of Exacta
- At least three (3) years of experience as a Cyber Defense Analyst or Vulnerability Analyst on programs and contracts of similar scope, type, and complexity within the Federal Government.
- Experience with testing methods, automated tools, plans, and procedures for verification of compliance and vulnerability requirements.
- Experience with modern networks, operating systems, databases, and virtual computing.
- Good verbal and written communication skills, with the ability to collaborate across teams and organizations, including senior level management.
- Proficient in Microsoft Office tools (PowerPoint, Word, Visio, etc.).
Required certifications - Intermediate/Journeyman level. DoD 8570 IAT-II Baseline Certification: CompTIA Security+.
Preferred: Associates, Applied Science (AAS) in Information Services Technology, Cybersecurity, or Computer Information Systems
Required Clearance: Active in scope DoD TS/SCI clearance with Poly
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V