Overview:
GovCIO is currently hiring for a Cyber Defense Incident Responder to work 1st or 2nd shift onsite in Washington, DC.
Responsibilities:
* Respond to cyber incidents, including responding to SOC IR phone calls and SOC emails from the client and customer POCs
* Provide support in the detection, response, mitigation, and reporting of cyber threats affecting internal and external clients' networks
* Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in the cyber security operation center
* Develop documentation, reports, and briefs, and review SOPs with the customer to give an accurate depiction of the current threat landscape and the associated risk affecting the clients' networks
* Provide analysis of correlated information sources to the client when notified by the Cyber SOC Team Lead or the Government Watch Officer
* Act as a Subject Matter Expert in investigations for potential incidents at the SOC Tier 1 Level
* Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
* Work with SOC federal staff, the Shift Lead, and the Senior Analyst to analyze, triage, contain, and remediate security incidents
* Follow the Federal IRP, SOC SOPs, and other prudent documentation procedures to work effectively while keeping an eye towards process improvement/effectiveness
* Knowledgeable about multiple technology and system types
* Able to articulate the incident response lifecycle
Qualifications:
* Bachelor's with 8+ years of cyber defense incident handling experience (or commensurate experience)
* 7+ years of SOC experience, 3+ years working at a senior/lead capacity. Direct experience executing Incident Handling and Response activities
* Understanding of Security tools and the Security Stack
* Working knowledge of Splunk
* Basic understanding of network protocols and packet analysis tools
* Cyber Security background
* Certification: Splunk Fundamentals I & II and one or more advanced certifications including but not limited to: CISSP, GCIH, GCIA
* Clearance Required: Ability to maintain a Public Trust clearance