Jul 25
Public Trust
$125,000 - $150,000
IT - Security
Washington, DC (On-Site/Office)
Cyber Defense Incident Responder
1st shift - 7am-3:30pm
Washington, DC - onsite
All candidates must be open/flexible for all shifts in this 24/7 environment
Responsibilities:
• Respond to cyber incidents, including responding to SOC IR phone calls and SOC emails from the client and customer POCs
• Provide support in the detection, response, mitigation, and reporting of cyber threats affecting internal and external clients’ networks
• Maintain an understanding of current vulnerabilities and of the response and mitigation strategies used in the cyber security operations center
• Develop documentation, reports, and briefs, and review SOPs with the customer to give an accurate depiction of the current threat landscape and the associated risk to the clients’ networks
• Provide analysis of correlated information sources to the client when notified by the Cyber SOC Team Lead or the Government Watch Officer
• Act as a Subject Matter Expert in investigations of potential incidents at the SOC Tier 1 level
• Analyze and report cyber threats, and assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
• Work with SOC federal staff, the Shift Lead, and Senior Analysts to analyze, triage, contain, and remediate security incidents
• Follow the Federal IRP, SOC SOPs, and other prudent documentation procedures, with an eye toward process improvement and effectiveness
• Knowledgeable about multiple technology and system types
• Able to articulate the incident response lifecycle
Qualifications:
• Bachelor's with 8+ years of cyber defense incident handling experience (or commensurate experience)
• 7+ years of SOC experience, 3+ years working at a senior/lead capacity. Direct experience executing Incident Handling and Response activities
• Understanding of security tools and the security stack
• Working knowledge of Splunk
• Basic understanding of network protocols and packet analysis tools
• Cybersecurity background
• Certification: Splunk Fundamentals I & II and one or more advanced certifications including but not limited to: CISSP, GCIH, GCIA
• Clearance Required: Ability to maintain a Public Trust clearance