Cyber Defense Incident Responder

Company Overview:
Subsidium, Inc. is a global provider of engineering, systems integration, technical, and programmatic services to both Government and Commercial entities. Subsidium provides mission critical services to Department of Defense (DoD) customers in CONUS, OCONUS, and forward deployed environments. Our customers demand the innovative, flexible, and mission focused approach that we deliver. Subsidium is dedicated to helping our customers overcome challenges through innovative solutions; particularly the continuing and evolving challenges presented in the transformation of the U.S. military and in the global war on terror. Subsidium and its employees are committed to mission accomplishment and organizational excellence.

Location: Naval Station Norfolk, VA

Job Summary:
The Cyber Defense Incident Responder is responsible for identifying, analyzing, and responding to cybersecurity incidents within the Joint Enabling Capabilities Command (JECC). This role ensures the protection of JECC's information systems by implementing proactive measures, conducting forensic investigations, and coordinating incident response activities. The Cyber Defense Incident Responder plays a critical role in maintaining the security and operational integrity of JECC's IT infrastructure.
Responsibilities/Duties:
Key Responsibilities:

1. Incident Response and Management:
   • Detect, analyze, and respond to cybersecurity incidents, including unauthorized access, malware infections, and denial-of-service attacks.
   • Complete initial incident reports within 4 hours of notification and final reports within 8 business hours.
   • Collaborate with the USTRANSCOM Cyber Operations Center to ensure timely resolution of incidents.
2. Forensic Analysis:
   • Conduct forensic investigations to determine the root cause and impact of cyber incidents.
   • Preserve evidence and document findings to support damage assessments and future mitigation efforts.
3. Threat Monitoring and Detection:
   • Monitor JECC's network and systems for indicators of compromise and emerging threats.
   • Utilize tools and techniques to identify vulnerabilities and recommend corrective actions.
4. Coordination and Reporting:
   • Work closely with service providers and stakeholders to ensure effective incident handling and reporting.
   • Provide detailed reports on incident trends, vulnerabilities, and mitigation strategies.
5. Policy and Compliance:
   • Ensure compliance with DoD cybersecurity policies, including DFARS 252.204-7012 and USTRANSCOM directives.
   • Support the development and implementation of security policies and procedures.
6. Training and Documentation:
   • Provide training to JECC personnel on incident response protocols and best practices.
   • Maintain continuity folders and ensure all incident-related documentation is up-to-date.

Qualifications:

• Proficiency Level: Basic (B) in the Cyber Defense Incident Responder (531) work role.
• Skills: Expertise in incident response, forensic analysis, and threat detection.
• SECRET clearance required; TOP SECRET/SCI eligibility preferred.

Education/Certifications:

• Relevant cybersecurity certifications (e.g., CEH, GCIH, GCFA) preferred.

Benefits and Perks:

• Medical / Vision and Dental Plans
• Holiday and Personal Time Off Pay
• 401K
• Life Insurance
• Education and Training Assistance Program (discussed during the onboarding process)
• Incentive Plans and Referral Bonuses
• Employee Assistance Programs

Subsidium, Inc is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.