Computer Network Exploitation Analyst
The Computer Network Exploitation Analyst provides analytic support at both the network and host level to augment the Government team charged with identifying and characterizing anomalies on USG networks.
- Analyzes network packet information, computer OS system data, executable file data, host data and metadata to identify and characterize anomalies on USG networks.
- Provides reporting on activities and assists in the development and optimization of new and existing tools and techniques to enhance analytic capabilities.
Qualifications include experience in the following. Relevant educational degrees can be substituted for some of these.
- Computer Network Exploitation.
- Vulnerability Assessment.
- Penetration Testing.
- Incident Response.
- Network and/or host forensics.
- Analysis of host data at rest, including: Microsoft Windows operating systems, system internals, file attributes,
- Executable file analysis (particularly PE files, including dynamic-link libraries), file hashing and fuzzy file hashing (e.g., ssdeep, fciv, and md5deep).
- Forensic analysis of Windows systems, UNIX systems, and/or mobile devices.
- Commercial, open source or GOTS tools for intrusion detection (e.g., Snort, BroIDS).
- Packet capture/evaluation (e.g., tcpdump, ethereal/wireshark, NOSEHAIR).
- Network mapping/discovery (e.g., nmap, TRICKLER).
- Industry standard system/network tools (e.g., netcat, netstat, traceroute, rpcinfo, nbtscan, snmpwalk, Sysinternals suite).
- Implementing networks with IPv6 protocols.