Cyber Network Defense Analysts (Level IV - Network Investigations)

Immediate fulltime openings for Cyber Network Defense Analysts (CNDA) with an active Top Secret clearance to support a critical customer mission. This opportunity provides onsite advanced Cyber Defense, rapid incident response, and immediate investigation and resolution using host-based, network-based, and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity.

This is an onsite contract, but due to COVID they have been going in (1) day per week or as frequently as their activities require since SCIF work is required. They are working on a telework policy, but right now it is expected they will need to be onsite about (3) days per week once things open back up.


- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
- Coordinate with enterprise-wide cyber defense staff to validate network alerts
- Perform management duties as required to support the team, projects, and analysts - Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
- Perform cyber defense trend analysis and reporting
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Provide daily summary reports of network events and activity relevant to cyber defense practices
- Receive and analyze network alerts from various sources within the enterprise and determine potential causes of alerts
- Provide timely detection, identification, and alerting of attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities - Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information - Identify and analyze anomalies in network traffic using metadata
- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
- Identify applications and operating systems of a network device based on network traffic
- Reconstruct a malicious attack or activity based off network traffic - Identify network mapping and operating system (OS) fingerprinting activities
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave

Required Skills

- Must be US Citizen due to government requirement.
- Must have an active TS clearance or higher and able to obtain DHS Suitability. Must be SCI eligible.
- BS Computer Science, Cyber Security, Computer Engineering, or related degree and 8+ years of direct relevant experience in cyber defense analysis using leading edge technologies and industry standard cyber defense tools; OR HS Diploma & 10 years of network investigations experience.
- Experience successfully developing and deploying signatures
- Experience detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort)
- Experience implementing incident handling methodologies
- Experience implementing protocol analyzers
- Experience collecting data from a variety of cyber defense resources
- Experience reading and interpreting signatures (e.g., snort)
- Experience performing packet-level analysis
- Experience conducting trend analysis

Desired Certifications
- One or more of the following professional certifications:
- GNFA, GCIH, GCIA, GSEC, CASP+, CySA+, PaLMS, FedVTE, GSEC (SANS401), Arcsight (or other SEIM solution), Network+, Security+

Apply Now

Return to Search Results

Have a Question?


Arlington, VA



Anticipated Start Date

Monday, August 1, 2022

Job Type

Direct Hire

Anticipated Duration


Date Posted

Thursday, July 7, 2022

Know someone who would be a good fit? We pay for referrals!

Share this job:

Call 800-ELITE-50
Reference #10601

Elite Technical Services, Inc. participates in the E-Verify program to confirm the employment eligibility of all persons hired. This means that we will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization. Elite Technical Services, Inc. will not use E-Verify to pre-screen job applicants.

Elite Technical Services, Inc. is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.