31 Jan
7046- Incident Responder
Virginia, Alexandria , 22301 Alexandria USA

Vacancy expired!

Job Posting Title: Incident Responder

Worksite Location: Alexandria, VA

Clearance: Top SecretAlliant Information Technologies, Inc. a subsidiary of IndraSoft, Inc., is seeking highly qualified Incident Responder with an active Top Secret clearance to support our DoD client, located in Alexandria, VA. The selected, highly motivated candidate will perform as the lifecycle Incident Responder activities for a complex, geographically dispersed, mission-critical enterprise. The successful candidate will leverage demonstrated experience in incident response, threat management, vulnerability management, asset management, and configuration management to support DoD cybersecurity requirements and objectives. To perform this job successfully, the selected candidate must be both a cybersecurity generalist, with significant experience across multiple technical domains, and a specialist in offensive cybersecurity tactics, techniques, and procedures (TTPs).

Required Clearance:
  • Active Top Secret clearance with T5/SSBI background investigation

Required Education, Experience, and DoD Cybersecurity Workforce Compliance:
  • Bachelor s degree in computer science, computer forensics, cybersecurity, information security, or similar technical discipline AND 3+ years of Incident Responder cybersecurity experience
  • For the exceptional candidate, an additional 4 years of military or civilian professional cybersecurity experience will be considered in lieu of a Bachelor s degree
  • Active DoD 8570 CSSP Incident Responder certification for compliance, including at least one of the following certifications in good standing: CEH, CYSA+, CFR, CCNA Cyber Ops, CCNA Security, CHFI, GCFA, GCIH, SYCYBER

Required Qualifications:
  • Conducting Incident Responder activities for a DoD enterprise environment (1000 servers plus 1500 workstations)
  • Knowledge of DoD cybersecurity policies, practices, and requirements, specifically including NIST and CJCSM 6510 policy and procedures
  • Experience with digital investigations including: incident handling and response, network and computer forensics, malware and memory analysis
  • Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders
  • Capacity to thrive in a complex, chaotic environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions
  • Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk
  • Willing to work overtime, holidays, and weekends as necessary to support cybersecurity initiatives and incident response

Desired Qualifications:
  • Development experience in languages such as C/C, Java, Python, and Ruby, as well as experience in command line scripting languages such as Bash and PowerShell
  • Database security management with experience detecting and preventing SQL injection and other threats, and preferred certifications such as the Oracle Database Security Expert
  • Experience utilizing DoD tools, including the Assured Compliance Assessment Solution (ACAS) vulnerability scanner, host-based security system (HBSS), and McAfee ePolicy Orchestrator (ePO)
  • One or more penetration testing certifications, including: LPT, PenTest+, GPEN, GWAPT, GXPN, or OSCP
  • Systems architecture, engineering, and networking experience, with preferred certifications such as SSCP, Network+, CCNA, CCNP, CCIE, GISF, GCED, GPPA, or GDSA
  • Experience in threat, vulnerability, and risk management and mitigation, with preferred certifications such as CySA+, GEVA, GCTI, GMON, CRISC, or CISA
  • Experience supporting all aspects of diverse endpoint systems, with preferred certifications such as Linux+, Server+, GCWN, GCUX, MCSA, MCSE, or SCCM
  • Knowledge of and experience administering, optimizing, and securing cloud environments, with preferred certifications such as Cloud+, CCSP, AWS Certified Security, AWS Certified Advanced Networking, Oracle Cloud Infrastructure Certified Associate, or Oracle Cloud Infrastructure Certified Architect Professional

Job Description:This role requires a passion for cybersecurity, outside-the-box thinking, and the drive and intellect to uncover and connect discrete data points to build comprehensive threat and vulnerability analyses.

Key Responsibilities:
  • Incident Response
    • Serve as the primary incident responder for DoD Customer
    • Support all aspects of Computer Security Incident Response activities for a large enterprise, including coordination with other government agencies and reporting of incidents
    • Conduct analysis of cyber incidents and remediate or recommend remediation as appropriate in accordance with established incident response processes (detection, triage, incident analysis, remediation and reporting)
    • Conduct highly technical examinations, analysis and reporting of computer based evidence related to security incidents (intrusion artifacts/IOCs) or investigations, leveraging all cybertools
    • Reconstruct events from network, endpoint, and log data
    • Support vulnerability and penetration testing
    • Ensure the secure handling of digital evidence and matter confidentiality.
    • Identify recurring incidents within a customer s environment and determine the need to escalate to the appropriate technical resources, ensuring resolution of more complex issues.
    • Recognize potential successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
    • Assist with implementation of countermeasures or mitigating controls as needed
    • Request and analyze on-demand system audits or vulnerability assessments when necessary to determine compliance
    • Recommend changes or improvements to the incident management system
    • Close incidents and prepare incident reports of analysis methodology and results
    • Communicate effectively and articulate the identified issues and resolution steps to bring the customer s incident to a resolved state
    • Engage customers in a professional manner, resolving requests and incidents with a high sense of urgency and ownership
    • Track, measure and evaluate Incident Response compliance across the enterprise
Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor s legal duty to furnish information. 41 CFR 60-1.35(c)See job description

Vacancy expired!

Subscribe for new vacancies

Related jobs

»Incident Response Lead
2021-01-31
»Incident Response Lead
2021-01-31
»Senior Incident Response Consultant (Remote, Southeast Region - US)
2021-01-31
»Senior Incident Response Consultant (Remote, Southeast Region - US)
2021-01-31
»Senior Incident Response Consultant (Remote, Southeast Region - US)
2021-01-31
»Incident Response Lead
2021-01-31
»Incident Response Lead
2021-01-31
Report job