Computer Network Defense Analyst Resume Sample
Work Experience
- Recognize known worms/viruses based on their signatures
- Ability to recognize network intrusion events and to differentiate false positives
- Recognize successful intrusions and compromises through review and analysis of relevant event logs and other detailed information
- Knowledge of hardware (Routers, CSU/DSU, bridges, multiplexers, servers and switches configuration)
- The CNDA operates and administers the BMD provided computer network defense suite of tools, to include firewalls, correlated log analysis, intruder alert and related services to protect BMD COMNET infrastructure and information services from internal and external threats
- Constant monitoring of intrusion detection systems
- Network defense / incident response / IA experience
- Hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following: Computer intrusion analysis
- Conduct multi-source threat analyses to examine host behaviors and network traffic for high priority malicious attacks, anomalous traffic, or other incidents of interest, as well as generate reports as appropriate
- Monitor adversarial capabilities, exploits, vulnerabilities, mitigation techniques, and best practices information and guidance through all-source research
- Identify areas for deeper dive analysis of threat and vulnerabilities
- Examine network topologies to understand data flows through networks and provide mechanisms to tip countermeasures
- Employ analysis and tools to discover new threat actors
- Implement the applicable reporting guidelines outlined in applicable directives and guidance
- Conduct research and planning required for strategy development in response to real-time operational requirements
- Network defense / incident response / intrusion analysis experience
- 24/7 monitoring of security landscape
- Secret clearance (Interim acceptable on Day 1)
- GCIH, CEH or equivalent (ref DoD 8570 IA Baseline, CND-Incident Responder)
- Experience in a security operations center
- 24/7 monitoring of client security landscape
- Monitor, identify and analyze anomalous network activities on various networks
Education
Professional Skills
- Possession of excellent analytics, collaboration skills, detailed working
- Tier III Analyst experience, Network Analytics, Incident Investigations, Reverse Engineering and Malware Analysis, Task Prioritization
- Experience with developing alerts and setting policies within IDS, IPS, and HIPS systems, including SNORT or Sourcefire or McAfee Host Based Security System
- Experience with developing alerts and setting policies within IDS/IPS/HIPS systems, including SNORT or Sourcefire or McAfee Host-Based Security System
- Experience with developing alerts and analyzing policies within IDS/IPS/HIPS systems, including SNORT, Sourcefire, or McAfee Host-Based Security System (HBSS)
- Experience in Cloud Environment using cloud analytics and PIG scripts/jobs to present data and using the Hadoop Distributed File System
- Experience with IDS, IPS, HIPS, and associated management tools, including SNORT, Sourcefire, McAfee Host Based Security System, and Sentinel
How to write Computer Network Defense Analyst Resume
The Computer Network Defense Analyst role is responsible for government, software, training, database, security, wireless, architecture, reporting, research, and events.
To write a great resume for a computer network defense analyst job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Computer Network Defense Analyst Resume
The contact information section is important in your computer network defense analyst resume. The recruiter has to be able to contact you ASAP if they would like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Computer Network Defense Analyst Resume
The work experience section is an essential part of your computer network defense analyst resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous computer network defense analyst responsibilities. It's meant to present you as a well-rounded candidate by showcasing your relevant accomplishments, and it should be tailored specifically to the particular computer network defense analyst position you're applying to.
The work experience section should be a detailed summary of your latest 3 or 4 positions.
Representative Computer Network Defense Analyst resume experience can include:
- Identify and document gaps in all data (e.g., netflow, syslog, etc.) that affect the customer mission in order to determine how to better posture mission capabilities
- Experience in computer networking, computer network defense, network monitoring, and intrusion analysis
- Experience with forensically analyzing Microsoft Windows Operating Systems (Windows 7/10/2008R2/2012R2)
- Experience with scripting in a Linux and/or Windows environment
- Experience with Cybersecurity tools, including ArcSight, Splunk, ACAS, or equivalent SIEM tools
- Experience performing Incident Response as it pertains to a post exploited host/compromised network
Education on a Computer Network Defense Analyst Resume
Make sure to make education a priority on your computer network defense analyst resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your computer network defense analyst experience. For example, if you have a Ph.D. in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Computer Network Defense Analyst Resume
When listing skills on your computer network defense analyst resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume. Here is a list of typical computer network defense analyst skills:
- Professional Skills/Required Skills: Excellent written and verbal communication skills. Excellent problem solving skills
- Possession of excellent analytical, collaboration, and detail skills
- Experience with IDS, IPS, HIPS, and associated management tools, including SNORT, Sourcefire, McAfee Host-Based Security System, and Sentinel
- Experience and understanding of what and how to examine computer memory, process dumps, binary images with Open Source Software tools
- SIEM Tool Experience (ArcSight, Splunk, Wireshark, etc.)
- Experience with developing alerts and setting policies within IDS/IPS/HIPS systems, including SNORT or Sourcefire or McAfee Host-Based Security System (HBSS)
List of Typical Experience For a Computer Network Defense Analyst Resume
Experience For Computer Network Defense Analyst, Senior Resume
- Hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following: computer intrusion analysis, intrusion detection, computer network surveillance/monitoring
- Experience in IT with 2 years of experience in dedicated CND analysis technology
- Experience with IT
- Experience with dedicated CND analysis technology
- DoD 8570.01-M Computer Network Defense - Analyst (CND-A) Certification required, including Certified Ethical Hacker (CEH), GCIA, or GCIH
- DoD 8570.01-M IAT-II Certification required, including Security+ CE, SSCP, CCNA-Security, or GSEC
Experience For Computer Network Defense Analyst, Junior Resume
- Employ Cybersecurity capabilities and deliberate actions to respond to a CND alert or emerging situational awareness/threat
- Assists in incident response
- Incident containment and remediation recommendations
- Lead and complete CND analysis tasks
- Complete MDA CND analysis tasks
- Execute MDA Computer Network Defense (CND) analysis tasks
Experience For Computer Network Defense Analyst, Mid Resume
- Perform actions to protect, monitor, detect, analyze, and respond to unauthorized activity within assigned information systems and computer networks
- Serve as an expert on CND requirements and compliance to such requirements by using IA tools and techniques to perform compliance analysis and correlation, tracking and remediation coordination, and escalating CND non-compliance
- Provide technical analysis and sustainment support for the enterprise for IA tools and applications and assists with the application of Defense-In-Depth signatures and perimeter defense controls to diminish network threats
- Certification Requirements: DoDD 8570.01M = GCIA, CEH, CGIH, CSIH, GCFH, CISA, OR GSNA
- TS/SCI CI /Poly
- Use of various incident response tools (e.g., Acunetix, Adobe, Cobalt Strike, FireEye, Fluke Networks Air Magnet, F-Response, Encase Guidance Software, IDA Pro, McAfee Advance Threat Defense, Network Miner Pro, Palo Alto, Burp Suite Professional, Metasploit Rapid 7, Red Seal, Splunk, VMWare, Domain Tools, Virus Tools, Microsoft Products, Operating Systems (e.g., Windows OS 2008 and 2012; Linux))
List of Typical Skills For a Computer Network Defense Analyst Resume
Skills For Computer Network Defense Analyst, Senior Resume
- Experience with the Windows and Linux operating systems
- Experience with investigating malicious code
- McAfee, Blue Coat, Red Hat, Cisco, or other Computing Environment Certifications
- Windows Server Admin certification, preferably Server 2013
- CISSP, DoD 8570 IA Baseline, or IAT III Certification
- Security+ DoD 8570 Requirements
- Knowledge of systems configuration and management of firewalls, IDS, servers and work stations
- Advanced knowledge of information systems security concepts and technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and computer forensic tools such as EnCase and open source alternatives
Skills For Computer Network Defense Analyst, Junior Resume
- Strong comfort level with IPv4, TCP/IP, and RFC data, low level networking and protocols, TCP/UDP Ports for Apps, and understanding of what is normal/abnormal endpoint and on-wire activity
- Experience with packet analysis and its associated tools, including Wireshark and Ethereal
- Think “outside the box” and be unwilling to settle for conventional wisdom
- Use of SIEMs or scripting to pull data into usable formats. Notification sources are Antivirus, HIDS, NIDS, IPS, and Firewalls
- Three or more years of experience working in an operational Security Operations Center (SOC) as a cyber security professional, or on a team with responsibility for similar functionality and behavior
- Obtain appropriate tool or device Computing Environment (CE) and Operating System (OS) certifications, including Windows OS certification and applicable CE certifications, including ArcSight, HBSS, ACAS, Palo Alto Firewall Log Analysis, Cisco Router Log Analysis, VMWare Virtualization and Cloud Computing Log Analysis, or FireEye
- Obtain appropriate tool or device Computing Environment (CE) and Operating System (OS) certificates, including Windows OS Certificate and applicable CE Certificates, such as ArcSight, HBSS, ACAS, Palo Alto Firewall Log Analysis, Cisco Router Log Analysis, VMWare Virtualization and Cloud Computing Log Analysis, or FireEye
- Previous tools experience working with ArcSight, Splunk, PCAP, JIMS or equivalent toolsets
Skills For Computer Network Defense Analyst, Mid Resume
- DoD 8570 IAT Level III (CISA, CASP CE, GCIH, GCED, CISSP) or IAM Level III Certification (GSLC, CISM, CISSP)
- Excellent written and oral communication skills, effective interpersonal skills, problem solving ability and strong work ethic that is proactive and self-motivated
- Experience with incident handling, forensics, sensor alert tracking, or Cybersecurity case management
- Experience with Cybersecurity tools, including ArcSight, ACAS, or equivalent SIEM tools
- Experience in a SOC
- Experience in host-based computer defense/analysis
- Have five (5) years of relevant experience
Skills For Tier & Computer Network Defense Analyst Shift Work TS Resume
- Experience in a NOC or SOC
- GCIH, CEH, or equivalent certification, including DoD 8570 IA Baseline or CND Incident Responder
- DoD 8570 IAT Level II Certification, including Security+ CE
- Knowledge of industry, government and DoD best practices, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
- Knowledge of DoD system solutions to mitigate risk in any activity that potentially impacts the security of existing IT and information management
Skills For Computer Network Defense Analyst Resume
- Work a 12am-12pm or 12pm-12am shift, including some weekends
- Provide monitoring and risk analysis of zero-day and other vulnerabilities
- Triage SIEM events and determine escalation of indicators
- Apply NIST, federal, and DoD guidelines, policies, directives, and memos as they relate to Cybersecurity
- Knowledge of industry, government, and DoD best practices, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
- Firm understanding of how to examine Windows and Linux host-based artifacts in the conduct of Incident Response actions
- Work shifts in a 24x7x365 environment
Skills For Computer Network Defense Analyst, Senior Resume
- Previous experience in the monitoring/management of intrusion detection systems and firewall devices, to include: SideWinder, ArcSight, HBSS and/or Tripwire
- Experience securing network gear against known vulnerabilities
- Relevant IT certifications such as Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH), Encase Certified Examiner (EnCE), and EC-Council Certified Incident Handler (ECIH)
- Develop, document and synchronize the recommendations and the tasking of signature and rule sets across all sensors (e.g., IDS, FW, etc.) used by the customer
- Provide an in-depth analysis of system outages with recommendations for preventing future outages
- Facilitate a weekly problem management review providing such metrics as the total number of outages, mean time to repair (MTTR), and mean time between failures
- Assist in finding issue history and trend analysis data to speed up issue resolution
- Document processes/procedures and SOPs of Cyber Security, ensuring all documents are in correct format
- Assists higher-level analysts in analyzing alternative systems, cost aspects and feasibility factors
Skills For Computer Network Defense Analyst, Junior Resume
- Knowledge of hardware (Routers, CSU/DSU, bridges, multiplexers, servers and switches configuration)
- Previous experience in the monitoring/management of intrusion detection systems and firewall devices, to include SideWinder, ArcSight, HBSS and/or Tripwire
- Strong familiarity with Advanced Persistent Threat (APT) activity as well as indicators of compromise
- Active Secret Clearance – SSBI Required
- Identify network problems and determine root cause
- Help develop courses of action to present to customer leadership
- Coordinate enterprise after action reports for system outages
Skills For Computer Network Defense Analyst, Mid Resume
- Transform the results of root cause analysis into a Known Error Database
- Contribute to the development and ongoing sustainment of a dynamic web-based dashboard for stakeholders, ensuring that root causes and known workarounds are readily available and easily accessible
- Provide a weekly assessment of system and circuit health and data for trend and root cause analysis
- Record all inputs and outputs of systems, including file sizes, data bank requirements, variability of information and appropriate statistical measures such as frequency, volume, peaking, etc
- Validate users have the need-to-know and reactivate their NMCI NIPR/NIPR Developer/NMCI SIPR/SIPR Developer accounts
- Use of programming tools such as Python and PowerShell, and ability to develop scripts with scripting languages/tools
- Approve or disapprove ISSM requests regarding group mailboxes, functional accounts, privileged accounts, NMCI accounts, etc
Skills For Tier & Computer Network Defense Analyst Shift Work TS Resume
- Employ defense-in-depth principles and practices, collect intrusion artifacts (e.g., source code, malware, and Trojans) and use discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise
- Provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities and to make recommendations enabling remediation
- Analyze, produce, and disseminate analytical cyber threat products that assist in identifying threats, priorities, severities, and IA risk mitigation measures
- Perform data analysis, aggregation, event correlation and information security threat definition
- Engage with cyber intelligence analyst counterparts across the US Intelligence and Law Enforcement communities
- Knowledge of security concepts, protocols (TCP/IP, HTTP, etc.), well-known ports (DNS, SMTP, FTP, LDAP, etc.), processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, incident handling, media/malware analysis, etc.)
Skills For Computer Network Defense Analyst Resume
- Experience supporting Operations
- Knowledge and understanding of network protocols, network devices, multiple operating systems, secure architecture and system log analysis
- Intrusion incident analysis
- GCIH, CEH or equivalent
- Certifications: DoD 8570.01 IAT Level III and CSSP Analyst or CSSP Incident Responder Certifications