Reference #: 7201
Location: Remote
Type: Sub-contract
Donna Cona Inc. is currently seeking a Security Operations Network Analyst for one of our key clients to enhance the operations team. The primary role will be to safeguard network infrastructure by analyzing various sources of data to identify, investigate, and remediate security incidents. Your expertise will be instrumental in bolstering network defenses and protecting users against emerging security threats.
Candidate MUST have the following:
- Prior experience in a Network Security Operations Center and a technical support/helpdesk environment with a focus on cybersecurity;
- Proficiency in responding to, investigating, and recovering from network compromise and data breach events;
- Understanding of optimal network security measures and controls in alignment with industry best practices for cloud services like M365, Microsoft Entra ID, SharePoint, OneDrive, Zoom, and Teams;
- Familiarity with various types of multi-factor authentication for both on-premises and cloud-based infrastructure, and the ability to identify network applications and management solutions that can be secured through Microsoft Entra Single Sign-On;
- Analyze network infrastructure including firewalls, syslog systems, log collectors and central identity platforms to assess and investigate security incidents or Indicators of Compromise (IoCs);
- Maintain an acute awareness of IT network security trends and events;
- Propose network security enhancements and monitor networks for breaches, investigating violations as they occur;
- Assist in developing network security standards and best practices for both cloud computing and on-premises environments;
- Resolve network security incidents across various platforms and ecosystems;
- Employ a comprehensive range of Palo Alto Networks and Cisco security solutions including, but not limited to, Next-Generation Firewalls, VPN, IDS/IPS, and Cisco ISE for incident management and threat response;
- Understanding of Sentinel use cases for network equipment and correlation of logs from various network and endpoint devices;
- Create Sentinel analytics rules using Kusto Query Language to detect security threats originating from network security devices, e.g. Palo Alto firewalls and Zscaler;
- Exhibit excellent communication skills and situational awareness, working synergistically with technical specialists and system administrators;
- Deep comprehension of Network Security Operations Center and Security Incident Response Team processes and procedures;
- Understanding of a myriad of attack vectors, network threat tactics, and attacker techniques;
- Ability to thrive in ambiguous situations and adapt favorably to change;
- Possession of certifications such as CompTIA Security+, CCNA, CCNP, or other relevant certifications;
- Proficiency with network analysis and security tools;
- Preference for security-related certifications such as CISSP, CEH, or Palo Alto Networks certifications;
- Understanding of Government network security and compliance requisites;
- Compile incident reports and submit them to the Director of ICT;
- Catalog all incident reports and resolutions in a ticketing solution and SharePoint repository; and
- Document resolutions under incident categories in the network security tools.
Candidate SHOULD have the following demonstrated experience:
- Prioritize, triage, and validate network alerts and issues to confirm security incidents;
- Conduct advanced analysis on confirmed incidents to ascertain root cause and impact;
- Collaborate with cross-functional teams to devise and potentially execute incident mitigation and remediation plans;
- Assess network security risks and their impact on the Microsoft Cloud platform and other online services;
- Generate security investigation and technical guidelines for other analysts and teams;
- Work as part of the cyber defense operations team to maintain the tools used by the cyber security team and create solutions for potential vulnerabilities and threats detected from ingested network data in Sentinel/ADX;
- Support cross-government incidents and crisis management;
- Engage in proactive network threat hunting to identify and mitigate potential threats;
- Utilize tools and technologies like Cisco Umbrella, Zscaler, and a wide spectrum of Palo Alto and Cisco security solutions for network analysis and security incident response;
- Use Microsoft Sentinel to triage network-related incidents; and
- Conduct threat hunting using Kusto Query Language in Microsoft Sentinel and Azure Data Explorer.
Donna Cona is committed to a diverse, equitable and inclusive workplace. We are an equal opportunity employer. We don't discriminate on the basis of gender, gender identity, sexual orientation, race, national origin, disability, age or any other protected status. We are committed to maintaining a barrier-free recruitment process by providing equal employment opportunities through the recruitment and retention of individuals.