anyone got these qualifications?

Dont know why employer or recruiters refuse to be realistic. this is a job listing i just came across.

CGI Federal Defense and Intelligence is seeking an experienced Computer Network Exploitation (CNE) Analyst for our location in Fort Belvoir, Virginia. The candidate will be assigned to help propose, develop, and coordinate appropriate Computer Network Operations (CNO) course of actions (COAs). Prefer candidates with SIGINT and Digital Network Analysis background.Specific Duties: Develop measures of effectiveness (MOEs) and processes to conduct battle damage and effectiveness assessment, detect and assess likely enemy mitigation efforts, and identify potential collateral effects Assist the customer in identifying authorities (DoD or Interagency) for all proposed COAs and identify specific interagency and potential coalition support and actions required Use customer-specific applications to produce time-sensitive intelligence reports to military and national consumers Review threat data from various sources, including appropriate Intelligence databases, to establish the identity and modus operandi of hackers active in customer networks and posing potential threat to customer networks Correlate data into standardized reports, develop cyber threat profiles, produce cyber threat assessments based on entity threat analysis Coordinate cyber threat tracking with counterpart organizations, and populate databases and web pages with critical CNO information needed for customer operations Recommend courses of action based on analysis of both general and specific threats Deliver reports, briefings, and assessments to customer leadership, facilitating in-depth technical and analytical understanding of cyber threat entities and environments Support information assurance and cyber threat mitigation decision makingPreferred Knowledge and Experience: Digital Network Analysis (IDNA) and/or Advanced Digital Network Analysis (ADNA) experience preferred. Demonstrated training/experience/knowledge of one of the following: C, C++, Perl, Java, Assembly Language, Hypertext Markup Language (HTML), JavaScript Prefer at least one of the following certifications: COMPTIA A+, Security+, Network+, Linux Technical experience in Digital Network Analysis and knowledge of the functions and capabilities of common components in IT architectures Knowledge of system and network administration, configuration best security practices, and configuration standards as they apply to IT security. Knowledge of research management procedures. Understanding of computer incident response procedures (proper collection, thorough investigation, unequivocal validation, and internal escalation) and protocols. Working knowledge of system and network exploitation, attack pathologies and intrusion techniques; denial of service attacks, man in the middle attacks, malicious code delivery techniques, fuzzing, automated network vulnerability and port scanning, botnets, password cracking, social engineering, network and system reconnaissance. Familiarity using the following tools: Cadence, Surrey, TrafficThief, CNE Portal and X-Keyscore. Analyst must also have working knowledge of collection systems and tools used to manage requirements along with the ability to develop new requirements and to provide assessments as needed on existing requirements. Demonstrated training/experience using Microsoft Windows 2000 (Server) and 2003 (Server), Microsoft Windows XP, UNIX, Linux and/or Solaris Operating Systems. Experience/knowledge of Operating System theory including Kernel functions, registry functions, process/thread handling, memory management, Remote Procedure Calls, Dynamic Link Libraries, file system manipulation, and application startup procedures. Experience/knowledge of Firewalls and intrusion detection/prevention systems. Experience/knowledge of buffer overflows and other code vulnerabilities, rootkit/malware discovery and removal, cross-site Scripting, and incident response techniques. Experience/knowledge in computer networking concepts. Solid understanding of Transmission Control Protocol/Internet Protocol (TCP/IP), User Datagram Protocol (UDP), Domain Name System (DNS), Address Resolution Protocol (ARP), Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Interior Gateway Routing Protocol (IGRP). Knowledge of typical network services and their associated ports (File Transmission Protocol (FTP), Secure Shell (SSH), TELNET network protocol, Network Basic Input/Output System (NetBIOS), Remote Procedure Call (RPC), Simple Mail Transmission Protocol (SMTP), Post Office Protocol 3 (POP3), Trivial File Transmission Protocol (TFTP), Secure Socket Layer (SSL) An Active TS/SCI is required to begin employmentAdditional Desired Knowledge, Skills, Abilitites: Incident Handling experience and forensic or digital media analysis training desired. Understanding of TCP/IP and the functioning of its component protocols, ability to read, analyze, and parse packet **** using various toolsets such as tcpdump, wireshark, editpcap, etc. Understanding of the OSI model and what protocols function at what layers is a plus. Intermediate malicious code analysis capabilities. Bachelor of Science Degree is preferred but not required, in Computer Science/Engineering, Information Systems Management, Information Assurance, Network Security, or other technical, IT-related field.Desirable to have: SIGINT and Intelligence background. Cisco Certified Network Associate (CCNA) or Intermediate Digital Network Analysis (IDNA) CISCO: Cisco Certified Network Professional (CCNP), Cisco Firewall Specialist, Cisco Intrusion Prevention Specialist (Cisco IPS) Microsoft: Microsoft Certified Professional (MCP), Microsoft Certified System Administrator (MCSA), Microsoft Certified System Engineer (MCSE) RedHat Linux: RedHat Certified Technician (RHCT), RedHat Certified Engineer (RHCE) Global Information Assurance Certification (GIAC): GIAC Security Essentials Certification (GSEC), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH) Certified Ethical Hacker Certified Information Systems Security Professional (CISSP) Other IT industry certifications in Operating Systems, networking, and network securityAt CGI, we're a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to professionals located in 100+ offices worldwide. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients win and grow. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted. No unsolicited agency referrals please.WE ARE AN EQUAL OPPORTUNITY EMPLOYER.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

GarudaMin

Couldn't you have posted the link to the posting? How am I (are we) supposed to read that thing without any formatting?

puertorico1985

Garuda, I believe the problem is that the website was probably formatted this way. This is not the first time I see a vomited wall of text such as this one with qualifications that no one in the world has.

I'll go out on a limb and say that NO ONE is qualified for this position!

GarudaMin

Ok, I looked up the posting. CGI posted it that way. Sorry.

Well one thing is for sure, even if I have all the qualifications of what they are looking for, I wouldn't be applying for it. The reason being: I am not reading it. If CGI's goal is to look for a person who actually have the (whatever you want to call it) to read it and apply, then they achieved their goal.

BGraves

Reading that makes my head hurt, lol.

Probably a position ideally targeted for someone that has done similar work in the military, used those systems, been trained for network exploitation and etc.

da_vato

Often when there is an extremely specific job opening, they already have the person in mind that they want to give the job to. For legal reasons the company probably has to post the job and accept resumes so as to appear “equal” opportunity was given.

My company is making me do this right now for an extremely specialized individual… I don’t agree with the process but it is technically legal even though I feel it’s a loophole.

BGraves

da_vato wrote: »

Often when there is an extremely specific job opening, they already have the person in mind that they want to give the job to. For legal reasons the company probably has to post the job and accept resumes so as to appear “equal” opportunity was given.

Haha probably true about that! They probably made it terrible to read on purpose....
"No one will be able to even read this, so they won't bother applying for it!"

Danielm7

da_vato wrote: »

Often when there is an extremely specific job opening, they already have the person in mind that they want to give the job to. For legal reasons the company probably has to post the job and accept resumes so as to appear “equal” opportunity was given.

My company is making me do this right now for an extremely specialized individual… I don’t agree with the process but it is technically legal even though I feel it’s a loophole.

This happened to me awhile back. A friend called me about a job opening at his company, said that I'd be perfect there, the only issue was if a guy that used to work there wanted to come back. I had all the qualifications, etc. By the time they put the job posting up it specified that they wanted someone with 5-7 years of law enforcement experience, visual basic 5 experience, prior experience on MS office 1997 and Windows NT 4 and a whole load of very specific software they use just in their department. When I called my friend he said... oh, well, I guess they just want this specific guy to come back so they made it impossible for anyone else to get past the screen.

mikeybikes

My head hurts just reading the first couple lines of that. Ouch.

MSP-IT

It doesn't sound too unrealistic. It sounds like they're looking for a SOC Developer who is familiar with both web development/C++ and network operations.

YFZblu

Based on some of the security people I personally know employed with CGI Federal, I can tell you that job advertisement is all fluff.

egrizzly

Computer Network Exploitation (CNE) is another name for Ethical Hacking. So to speak they are looking for an Ethical Hacker. I believe there are professional designations for those in our industry. Certified Ethical Hacker is the term I think, however from reading this job description partially I believe these guys mean serious business. They're looking for a guy that's packing! I mean not only the traditional technical skills as listed but they would need some major security clearance! We're talking intrusion assessment for the most powerful military in the world....Tom Clancy, James Bond, and that other guy that stole the satellite signal probably write stories about people like this...hello!!!

Well, whoever is going for this gig, hope you get it...lol. It's kind of fun as I've been around a threat assessment command center before.

wastedtime

I don't think it is fluff but I would put everything in to a category such as "network protocol". Rate yourself on the category instead of the individual item listed and decide that way. I agree that is terribly formatted and hard to read.

santaowns

I hit everything but the hacking part sign me up hacking can't be too hard if ten year olds can do it lol

W Stewart

^^^ Then you're missing the most important qualification. That might fly if you had some of the desired qualifications of MCSE, CCNP, RHCE, GIAC, CISSP, GSEC, GCIH along with some C/C++, Java, HTML, Javascript and Unix experience with 30+ years of experience and the ability to decipher gibberish. Just remember, they're an equal opportunity employer so everyone is equally unqualified.

da_vato

W Stewart wrote: »

Just remember, they're an equal opportunity employer so everyone is equally unqualified.

Thats priceless right there.... hahahha

colemic

They know they can't find someone to meet all the requirements... so it might be a HR tactic too to lower the salary: well, you only meet 35% of the qualifications, so that's going to push you to the lower (if not lowest) end of the pay scale...

scaredoftests

Me. hah

Wow..

puertorico1985

W Stewart wrote: »

Just remember, they're an equal opportunity employer so everyone is equally unqualified.

That's hilarious! After reading some of the comments, I have determined this this was posted with a candidate already in mind and are posting this for legal reasons, or it was posted by a completely clueless HR rep who was just slamming his/her head against the keyboard.

NinjaBoy

Got some of them, lol

To be honest, a lot of employers will list a wish list and this is one of them, mainly because they use the term "Desirable" several times in that job advert. Checked their site and they seem to be some sort of company that other organisation outsource to??? So getting people who have X certification is in their best interest in order to market it to their clients (to say look at us, aren't we great?).

A lot of these certs can be combined as well, eg if you've got the CCNP you've covered the CCNA, same thing about the old MCSE/MCSA, etc...

MSP-IT

Am I the only one who thinks this posting is actually reasonable?

Xyro

In my area, I see job postings that look like this way too often. At times, they are even for helpdesk.

BlackBeret

I agree, it's very reasonable. If you want this job join the Army as a 35Q for the shortest contract term, get training and experience, then get out and make bank as a contractor.

They're looking for someone who worked in DoD CNE. Everything else would have come with that to include: TS/SCI clearance and experience in Sigint with CNE and the certification requirements posted are to meet DoD 8570 requirements (IAT1 at least). If you notice it says at least ONE of the following.... and starts with A+. The systems and job duties listed would come experience for anyone that has worked in CNE in the DoD. The rest of the certifications are listed as desired, not required, and would come with experience as well.

fredrikjj

I better refresh my RIP skills so I can apply for that job!

Cert Poor

The fact that they're asking for experience with XKEYSCORE and other SIGINT tools mean it's likely they're an NSA contracted company.

darkuser

my.god

and they probably pay 33k

Munkin

Cert Poor wrote: »

The fact that they're asking for experience with XKEYSCORE and other SIGINT tools mean it's likely they're an NSA contracted company.

Not NSA but something close to it.

YFZblu

darkuser wrote: »

my.god

and they probably pay 33k

CGI Federal is paying 85k for Associate-level Security Analysts in Phoenix...I'm sure their red team in VA makes a good deal more.

Deathmage

honestly that looks like every IT certification known to man on the list. Who is the world would have every certification on that list....

YetAnotherITGuy

I know few people with such qualifications and more(telecom, signals and math). They are highly talented contractors who earn three figure salary per hour and have decade of work experience. The posting is not unrealistic. I also know somebody who gained 25 certs in 3 years and worked as a trainer.

W Stewart

It looks ridiculous at a glance but to be honest, when I look at the rate that I've advanced in my career in the 3 years that I've been in IT I've got to wonder where I'll be 10 or 20 years into my career. I'm only 23 now so I'll still definitely be in the work force. The way I see it, at 43, I'm either gonna be able to charge ridiculous amounts of money by the hour for my expertise or I'm gonna be homeless and typecasted in IT due to my age.