• Computer Network Defense Administrator

    Job ID 2019-3229
    Job Locations
    DE-Ramstein AFB
    IT: Information Assurance / Quality / Cyber Security
    Regular Full-Time
  • Overview

    NCI is a leading provider of enterprise solutions and services to U.S. defense, intelligence, health and civilian government agencies. Coupled with a refined focus on strategic partnerships, we are successfully bridging the gap between commercial best practices and mission-critical government processes. Core competencies include:

    • Artificial intelligence
    • Agile digital transformation
    • Advanced analytics
    • Hyperconverged infrastructure solutions
    • Cyber security and information assurance
    • Fraud, waste and abuse
    • Engineering and logistics


    NCI has been designated a 2018 Military Friendly Employer by MilitaryFriendly.com 


    Headquartered in Reston, Virginia, NCI has approximately 2,000 employees operating at more than 100 locations worldwide.


    Responsible for incident handling, triage of events, network analysis and threat detection, trend analysis, vulnerability information dissemination for the cyber center in Germany. Coordinate Network Defense Operations and monitor and report incident status, threat possibilities and trending. Have knowledge of Army computer network defense with a strong understanding of the lifecycle of network threats, typical attack vectors, and network and system vulnerability exploitation.

    1. Provide incident response duties as required.
    2. Document and report incidents from initial detection through final resolution using standard DoD incident reporting channels and methods.
    3. Provide remote incident handling support such as forensics collections, intrusion correlation tracking, threat analysis and direct system remediation tasks to onsite personnel.
    4. Monitor open source feeds and reporting on the latest threats against computer network defenses.
    5. Ability to learn the interface, customization, language acceptance, and logic of new CND related tools as the cyber center acquires them.
    6. Utilize malware analysis techniques, advanced statistic and dynamic analysis to identify and assess malicious software.
    7. Monitor intrusion detection and security information management systems to discover and mitigate malicious activity on enterprise networks.
    8. Initiate computer incident handling procedures to isolate and investigate potential network information system compromises.
    9. Perform malware and/or forensic analysis as part of the incident management process.
    10. Identify risks to computer systems and make written and verbal remediation recommendations to senior program staff as well as cyber center leadership.
    11. Respond to General Service Incidents: Service and infrastructure related incidents (loss of service, poor performance, and service anomalies.
    12. Respond to Electronic Spillage incidents where classified, Personal Identifiable Information (PII), Controlled Unclassified Information (CUI), or Networks of Interest (NOI) information is introduced on an IT system or network that it is not authorized to hold or process such data.
    13. Respond to Unauthorized disclosure: any incident where information, data, or files have been made available to a person or persons who do not have authorized access.
    14. Respond to requirements associated with Information Operations Conditions (INFOCON) and higher HQ direction.
    15. Support Investigation activities associated with complex incidents requiring more in-depth data collection for command or law enforcement issues.
    16. Support Security Incident Response to include: Perimeter Configuration Incidents, Security Events to address actual or potential CND events or identified threats; End user level intrusion or rouge systems; vulnerability identification and mitigation; and Mission Assurance Incidents impacting IT systems or networks.
    17. Work in close coordination with the Information Assurance team and SOC to appropriately resolve daily incidents.
    18. Perform other duties as assigned



    • Education: Bachelor of Science/Arts Degree in Engineering or Computer Science or Science or Business Administration or Mathematics. Bachelor's degree plus 3 years of specialized experience, or an associate's degree plus 7 years of specialized experience, or a major certification plus 7 years of specialized experience, or 11 years of specialized experience.

    • Certifications: Network Firewall and/or Integrated Detection/Prevention Systems Certification and DoD 8570.01 M, IAT Level III Baseline Certification.

    • Clearance: Secret clearance (SSBI). 

    • Specialized Experience: Four years of experience using and maintaining Network Firewalls, WEB Proxy, and/or IDS/IPS devices.  Two years of experience with any enterprise network routing/switching device (manufacturer non-specific); Two years direct experience with US military command and control or commercial LAN/WAN communication systems.





    This position requires the ability to perform the below essential functions:

    • Sitting for long periods
    • Ambulate throughout an office


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.