Alexandria, Virginia, United States
Performs forensic analysis of digital information and gathers and handles evidence May use programming skills to help reverse engineer malicious code and help create fixes for vulnerable applications or services on the network Perform security audits, risk analysis, network forensics and penetration testing in order to analyze, develop, and recommend courses of action Responsible for the full lifecycle of security incidents involving enterprise systems and data including personally identifiable information (PII) breaches Help improve the overall security posture through obtaining the knowledge of the enterprise systems, and to ensure the timely dissemination of security information to the appropriate stakeholders Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, IDS logs) to identify possible threats to network security Respond to cyber incidents, including responding to IR phone calls and emails, and preparing situational awareness reports and escalate incidents as needed Investigate phishing and other user self-identified potential cyber incidents. Correlate incident data to identify specific vulnerabilities and make recommendations Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies through monitoring of vulnerability scanning devices Identify and analyze anomalies in network traffic using metadata Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise Participate regularly in working group sessions, to include idea generation for new content rules for security alerting and reduction of false positives Evaluate the current Computer Security Incident Response Capability (CSIRC) to ensure compliance with federal mandates for incident response and reporting.
Leads a squad of 6-10 signal intelligence analysts. Signals Intelligence NCOIC (Non Commissioned Officer in Charge)
Intel Support Analyst to Information and Cyber Operations.
Marine Corps Web Risk Assessment Cell (MCWRAC) Web Risk Assessments • Provide the capability to conduct Wireless, Windows, Unix, Linux, Database, Application, infrastructure security assessments in accordance with the DISA STIGs, and DoD and Marine Corps guidance, analyze results and document mitigation recommendations • Provide the capability to locate and assess ICS/SCADA systems on the MCEN analyze results and document mitigation recommendations • Provide capability to conduct remote assessments to provide pre-inspection reports to the Inspector General Marine Corps Staff in relation to Functional Area Checklist Cybersecurity Management (5239) Web Risk Testing • Provide the capability to conduct automated source code review for systems and application on MCEN analyze results and document mitigation recommendations • Provide the capability to conduct application and web application penetration testing analyze • Provide the capability to harvest meta data about Marine Corps on MCEN and public internet, review known exploit posting sites (e.g., PasteBin) and report Marine Corps exploits, analyze results and document mitigation recommendations • Provide the capability to test Public Key Infrastructure (PKI) implementation on the MCEN, ensure that systems take correct certificates, checking the Certificate Revocation List (CRL), analyze results and document mitigation recommendations