Noblis and our wholly owned subsidiaries, Noblis ESI and Noblis NSP, are solving difficult problems that help our government and our country. We bring the best of scientific thought, management, and engineering expertise with a reputation for independence and objectivity. We support a wide range of government and industry clients in the areas of national security, intelligence, transportation, healthcare, environmental sustainability, and enterprise engineering. Learn more at noblis.org/about.
Why work at a Noblis company?
Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public.
Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race.
Noblis is seeking a qualified contributor to provide network security and intrusion detection support. Work includes conducting forensics on end-point devices and network logs, reverse engineering, writing intelligence and forensics reports, and deep packet analysis. Work is Monday through Friday during normal business hours. Join our team in protecting our nation from its adversaries.
- Analyze network traffic logs using Bro, Wireshark, and similar tools
- Build and configure virtual machines in a test-bed environment
- Develop commands and shell scripts in Bash/Linux
- Detect network-based threats
- Build network-based threat scenarios for table-top exercises
- Conduct network vulnerability assessments and carry out basic penetration tests
- Participate in red and blue team penetration testing activities and CTF exercises
- Write detailed reports for response actions & incident handling
- Articulate vulnerabilities, threats, and incidents to managers
Bachelors degree and four (4) years of related experience preferred. If applicable, degree should be in Computer Science, Information Technology, or Cyber Security. In lieu of degree, four (4) additional years of related experience may be considered.
- Three (3)+ years’ experience operating in a SOC or similar environment
- Understanding of OSI Network Model
- Two (2)+ years’ experience Conducting network vulnerability assessments
- Network monitoring such as Netflow, Bro, or full/deep packet inspection
- Experience working in virtual machines
- Knowledge of desktop, mobile, and internet-of-things platforms
- Writing detailed reports of potential vulnerabilities and post-infection events
- Understanding of VPN, VLAN, cloud, and mobile network technologies
- Familiar with network-attack behavior such as malware C2, exploit kits, Trojans, phishing techniques
- Network penetration testing
- Intelligence or threat analysis experience
- Writing YARA signatures
- Reverse engineering experience highly preferred
- Excellent written and oral communication
- Certifications in one of the following: CCNA, CCSP, CEH, CCE, CFE, SANS GCIA, GCIH, GCFA, CISSP