Network Forensic Analyst – Clark Creative Solutions – Port Hueneme, CA

Job title: Network Forensic AnalystCompany: Clark Creative SolutionsJob description:The network forensic analysis (NFA) team member is responsible for the analysis of all corporate ITtraffic as well as analysis of firewall rules and routing schemes within the environment. They will usetraffic profiling suites housed in tools such as Splunk or Kibana, to search through Zeek logs to identifysuspicious behavior, and pivot into packet captures (when necessary) to extract all necessary data fordeeper analysis, including data need by the other teams.They will also review alerts from intrusiondetection system (IDS) tools (such as Snort) and be able to write and tune rules based on credible threatinformation, such that they minimize false positives. An ideal candidate for this position will have experience with network administration, troubleshooting,and common network communication that occurs across large-scale corporate networks. Additionally,they will also have a strong background in what common communication patterns associated withWindows and Linux client-server-cloud environments will look like.Having experience with “normal”endpoint behavior and how/why common software communicates will be helpful as well. The primary job of the NFA team is to get a holistic view and understanding of the network architecture,common protocols and core services, and then zero in on concerning anomalies and/or patterns in thenetwork traffic. SkillsProficiency with tools such as• Big data analysis platforms• Splunk, Elastic Stack, etc. • Low level pcap analysis tools• Wireshark, Arkime (formerly Moloch), etc.• Zeek (formerly Bro)• Snort• Suricata• Analysis of• Network maps• DNS configuration• Routing tables• Subnet isolation• Traffic flow patterns• Snort and Suricata rule match verification• Firewall and VPN logs• Analysis skillset• Clear technical documentation• Communication with EL as well as HFA and ICS analysts to dig deeper into what is being• found in network traffic, so the responsible endpoints can be investigated further to• identify the root causePowered by JazzHRExpected salary:Location: Port Hueneme, CAJob date: Sat, 13 Aug 2022 07:35:20 GMTApply for the job now!Apply tot his job