ACTION MEMORANDUM FOR ALL AAS/SW AREA AND REGION COMMANDERS AND PRESIDENTS: FOR IMMEDIATE DISTRIBUTION TO ALL MEMBERS
SUBJECT: PAID INTERNSHIP; CYBER FOCUSED STUDENTS WITH IRONNET INC
FROM THE EXECUTIVE DIRECTORS
1. IronNet Cybersecurity Incorporated is accepting applications for as many as two internship positions in the Washington DC metro area. THE SUSPENSE FOR APPLICATION SUBMISSION IS 17 FEBRUARY 2017 AND EARLIER APPLICATIONS ARE STRONGLY ENCOURAGED.
2. IronNet is exclusively offering these internships to AAS/SW students based on the performance of last year's AAS/SW Interns. Students interested in these internships will apply directly with IronNet and do not need to go through the EMC. A detailed position description and application instructions for these internships are below.
3. These positions are for interns working within the IronNet Cyber Operations Center (CyOC) conducting computer network defense operations and implementing security controls on behalf of large organizations with expansive and complex network topologies. Once integrated into operations, these positions require the ability to detect and analyze anomalies within company infrastructure, integrate engineered solutions, implement security controls and collaborate on IT requirements across multiple divisions throughout the company. Applicants should have an understanding of general cybersecurity, and incident response frameworks that are used both nationally and internationally. Shift work may be required. Travel required: 25%
- Conduct data mining and research operations amongst a variety of tool sets to perform network security analysis on any anomalous activity and potential adversary Tactics, Techniques and Procedures (TTPs).
- Analyze threat feeds, various information resources, and the memory of systems to look for Indicators of Compromise (IOCs) of running processes, handles, files, keywords, network communications, privileged user accounts, and other security events.
- Conduct analytical assessments and use corresponding products to produce reports, or visualization tools to answer requests for information or daily operations center use.
- Collaborate with other network analysts and threat intelligence analysts to achieve network security and incident response objectives.
- Determine deviations in the network configuration and rapidly identify/develop countermeasures within security designs (enterprise architecture, firewalls, VPN, and security technologies).
- Regularly assess network security controls and devise strategies for implementing the IronNet Network Security program throughout the enterprise.
- Monitor and manage enterprise security technologies (firewalls, endpoint solutions).
- Collaborate with an "operationalized mitigations team" by making recommendations for network hardening, mapping, configuration and other diagnostic considerations.
- Identify and enhance network performance measures and availability.
5. Focus of positions:
Initial responsibilities will revolve around monitoring and developing workflows around security solutions for any indications of potentially malicious activity. Additional responsibilities will include the use, testing and making recommendations for the development of a world class threat hunting platform as a subcomponent of a larger framework. A longer term opportunity will include added responsibility for computer network defense operations within the Cyber Operations Center at IronNet.
- Knowledge of Windows and other OS internals and popular file systems
- Linux/UNIX system administration, along with network (router and switch), Web server, firewall, or DNS administration
- Demonstrate knowledge/experience with Host or Network IDS/IPS, NetFlow, protocol collection and analysis tools
- Knowledge of vulnerability assessment and penetration testing tools
- Knowledge of the entire TCP/IP or OSI network protocol stack, including major protocols such as IP, Internet Control Message Protocol (ICMP), TCP, User Datagram Protocol (UDP), Simple Mail Transfer Protocol (SMTP), Post Office Protocol 3 (POP3), Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and SSH
- Familiarity with malware analysis tools and frameworks
7. Highly desirable qualities:
- Security+
- Certified Ethical Hacker (CEH)
- Military or formal vocational technical training in computer network
- Degree in computer science/engineering, Cybersecurity or related field
- Cisco Certified Network Administrator/Professional (CCNA/CCNP)
- Certified Information System Security Professional (CISSP)
- Certified Computer Examiner (CCE)
- Computer Security Incident Handler (CSIH)
- Linux Professional Institute Certification 1 (LPIC‐1)
- Microsoft Certifications (MCSE, MCITP)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Penetration Tester (GPEN)
- GIAC Reverse Engineering Malware (GREM)
8. Application Instructions:
Applicants should electronically submit a resume and copy of complete transcripts to the following POCs by 17 Feb 2017 for a 03 Mar 2017 selection. Applicants should inform the EMC at firstname.lastname@example.org when applying; however, the EMC does not need to review the application and will not be involved in selection.
Primary POC: Christine Gordon, Christine.Gordon@ironnetcybersecurity.com
Alternate POC: Trisha Dixon, Trisha.Dixon@ironnetcybersecurity.com
Signed//DPW//26 Oct 2016