Cyber Security Incident Responder
BCMC
- Arlington, VA
- Permanent
- Full-time
- Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks
- Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
- Produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk. •Provide analysis for correlated information sources
- Facilitate the customer's posturing itself to aggressively investigate cyber activity targeting customer information and its information infrastructure
- Assist the customer training department in the education of staff on the cyber threat
- Liaison with other government cyber threat analysis entities, such as intra-agency and inter-agency Cyber Threat Working Groups
- Maintaining proficiency in the use and production of visualization charts, link analysis diagrams, and database queries
- Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions
- Meet and maintain customer required Information Assurance training compliance
- Must be able to receive DHS suitability prior to starting employment.
- Must be a U.S. Citizen
- Hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks
- Experience in computer intrusion analysis and incident response
- Computer network surveillance/monitoring
- Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
- Experience in computer evidence seizure, computer forensic analysis, and data recovery
- Computer network forensics
- System log analysis
- Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
- Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Proficiency with MS Office Applications
- Must be able to work collaboratively across agencies and physical locations
- Experience supporting DHS, Federal Civil, Intelligence and/or DoD Customers
- Malware reverse engineering experience
- Scripting experience (Python, Perl etc…)
- Experience with process development and deployment
- Excellent writing skills
- Prior experience with data visualization products such as Analyst Notebook is desired.
- Prior experience with Splunk
- Additional Technical CND Incident Reporter Certification(CEH, GCIH, GCIA, GNFA)
- DoDI 8570.01-M 8570.01-M IAT Level I Compliant Certification (Network + CE, A+ CE, CCNA + Security, SSCP)
- Bachelor's degree in related field and a minimum of 6 years of prior relevant experience
- A Master’s degree in a related discipline may be substituted for 4 years of experience
- Professional experience may be substituted for a degree
SCA04Powered by JazzHR