Posted by: Newport News Shipbuilding (a division of Huntington Ingalls Industries) on Sep 10, 2019
Newport News, VA
The Insider Threat Analyst will conduct technical analysis of various internal company data sources for indicators of internal threats in support of the Corporate Insider Threat Program. Using user behavior analytics tools, identify and refer potential threats to appropriate entities. Provide case support as necessary. Work with various stakeholders to refine alerts based on triage results and current events. Develop briefings based on trend analysis and identify new opportunities for program maturation.
Investigates and analyzes all response activities related to cyber incidents within the network environment or enclave. Collects data from a variety of Computer Network Defense (CND) tools, including intrusion detection system alerts, firewall and network traffic logs, and host system logs to analyze events that occur within their environment. Provides operations for persistent monitoring of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events. Executes first level (initial) responses and addresses reported or detected incidents. Conducts network of software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. Resolves highly complex malware and intrusion issues. Contributes to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations. May prepare and presents technical reports and briefings. May perform documentation, vetting and weaponization of identified vulnerabilities for operational use.
HR. Website URL: