Skip to main content
Back to jobs

Computer Network Defense Analyst

External
agecareers logoAgecareers · Columbus, OH
Full-timeOn-site1mo ago30+ days old, may be filled
DocumentationIncident ResponseSIEM
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


About the role

AGE Solutions is a premier technology and professional services company, providing in-depth consulting, advanced technology solutions, and essential services throughout the U.S. government, defense, and intelligence sectors. Prioritizing innovation and client-focused solutions, we assist major agencies in addressing intricate issues and ensuring a more secure future. AGE Solutions is looking for a Computer Network Defense Analyst (CND Analyst) to provide enterprise-level Cyber Network Defense (CND) support for continuous monitoring, detection, analysis, and response to cybersecurity events and unauthorized activity affecting government information systems and network infrastructure. Supports 24x7x365 cybersecurity operations to maintain confidentiality, integrity, availability, and overall security posture of government networks, systems, applications, and data assets across multiple operational environments. Responsibilities Include: Performs enterprise Cyber Network Defense (CND) activities in support of continuous cybersecurity operations, including the identification, assessment, investigation, and remediation of cyber threats, security events, and unauthorized activity impacting government systems and network infrastructure. Maintains persistent defensive cyber operations to preserve the security, availability, integrity, and resiliency of government enterprise networks, applications, and data resources across diverse operational environments. Conduct proactive threat hunting activities to identify emerging cyber threats, suspicious activity, and potential vulnerabilities impacting enterprise systems, networks, and operational environments. Initiate and coordinate incident response procedures upon confirmation that a security event or alert meets established cybersecurity incident criteria requiring investigation, containment, and remediation actions. Analyze and correlate cybersecurity data from multiple sources, including host and network IDS/IPS platforms, system logs, packet captures, forensic utilities, and threat intelligence resources, to identify, assess, and investigate potential cyber threats and malicious activity. Evaluate the impact and scope of suspected or confirmed cybersecurity incidents and execute appropriate containment, eradication, and recovery actions to restore affected systems, services, and data while minimizing operational disruption. Document and maintain detailed records of all incident response activities, including detection, containment, eradication, and recovery efforts, in accordance with established government Standard Operating Procedures (SOPs) and Tactics, Techniques, and Procedures (TTPs). Adhere to established Tactics, Techniques, and Procedures (TTPs) while developing After Action Reports (AARs) that document identified deficiencies, lessons learned, corrective actions, and recommendations for continuous process and operational improvement. Develop, customize, and implement cybersecurity countermeasures, including SIEM correlation rules and IDS/IPS signatures, to enhance threat detection capabilities and strengthen the defensive security posture of government enterprise environments. Perform tuning and optimization of cybersecurity detection signatures while documenting all modifications and configuration changes in accordance with established government policies, procedures, and operational guidelines. Ensure prompt notification, escalation, and reporting of cybersecurity incidents to the proper, Program Management Offices (PMOs), Information System Security Managers (ISSMs), USCYBERCOM, JFHQ-DODIN, law enforcement entities, and other designated stakeholders in accordance with established reporting requirements and incident response procedures. Maintain detailed incident journals and ensure all cybersecurity incident reporting, documentation. Perform basic malware analysis and support the forensically sound collection, acquisition, handling, and preservation of volatile, persistent, and environmental incident data in support of cybersecurity investigations and incident response activities. Prepare, document, and submit forensic examination and malware analysis reports in accordance with established cybersecurity investigation, reporting, and incident response requirements. Participate in proactive threat hunting operations utilizing established tools, methodologies, and Standard Operating Procedures (SOPs) to identify suspicious activity, enhance threat detection capabilities, and develop or implement new detection signatures and indicators. Document and maintain detailed records of threat hunting activities, investigative actions, analytical findings, and identified indicators to support cybersecurity operations, reporting, and continuous improvement efforts. Provide cybersecurity training and awareness guidance to Information System Security Managers (ISSMs), system administrators, and end users on the identification, reporting, an


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at agecareers? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect