Cybersecurity Incident Response Administrator

US-Remote


Req #: 6784
Type: Full-Time

GovCIO LLC

Overview:

GovCIO is currently hiring a Cybersecurity Incident Response Administrator to be responsible for Security Information and Event Management (SIEM) systems. This position will be located in Radford, VA and will be a remote position.

Responsibilities:

The Senior Cybersecurity Incident Response Administrator (Information Assurance Engineer - Senior) will be responsible for managing Security Information and Event Management (SIEM) systems, including deploying, installing, managing infrastructure, and monitoring events in accordance with Army Business System Log Data Policy and other DoD/Army requirements. The role involves creating SIEM dashboards to display clear and concise visualizations of security-related events, enabling the detection of anomalies and investigation of threats in near real-time. The engineer will monitor SIEM dashboards to detect threats and anomalies, investigate events, and escalate as necessary. Additionally, the role includes assessing and developing reporting requirements to support audits and security controls, providing Public Key Infrastructure (PKI) support, and monitoring DoD and Army web application security standards and best practices. The engineer will review Army Cyber Tasking Orders (CTOs), coordinate with Army Cyber Security Service Providers, participate in SW Assurance reviews, and evaluate Information Systems Design Plans for compliance with relevant security regulations, policies, and best industry practices.

* Proficiency in creating and managing SIEM dashboards for security event visualization.
* Strong ability to monitor and investigate security events and anomalies.
* Experience coordinating with Cyber Security Service Providers for audit logs and incident response.
* Participation in SW Assurance reviews for application audit log validation. 
* Ability to review and evaluate Information Systems Design Plans and related documents for security compliance.

Qualifications:

High School with 9+ years (or commensurate experience)

Required Skills and Experience

* Clearance Required: Secret
* Cybersecurity Certification (such as Certified Information Systems Security Professional (CISSP)/Information Systems Security Engineering Professional (ISSEP)/Security+/Certified Ethical Hacker (CEH)/etc.)
* 9+ years' experience with Cybersecurity and Incident Response or related areas
* Extensive experience managing Security Information and Event Management (SIEM) systems, including getting relevant data into the SIEM.
* Experience in developing reporting requirements for audits and security controls.
* Knowledge of Public Key Infrastructure (PKI) and managing SSL/TLS certificates.
* Familiarity with DoD and Army web application security standards and best practices.
* Ability to review and respond to Army Cyber Tasking Orders (CTOs).

***PENDING CONTRACT AWARD***

Preferred Skills and Experience:

* Bachelor's degree in Computer Science
* Familiarity with Army enterprise monitoring tools and practices.
* Strong analytical and problem-solving skills.
* Excellent communication and coordination skills.
* Experience with incident response activities.
* Knowledge of engineering change proposals and configuration management.
* Understanding of Continuity of Operation Plans and Communication Plans.
* Experience with security regulations and best industry practices.
			