Today
Secret
Unspecified
Unspecified
IT - Security
CO (On-Site/Office)•Huntsville, AL (On-Site/Office)
Description
Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM) Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture Analyze correlated assets, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation Measure effectiveness of defense-in-depth architecture against known vulnerabilities Generate vulnerability assessment reports for customers and escalate for further review Support Incident Response across the enterprise IAW DoD regulations and instructions Lead cyber events and incident investigations from start to conclusion, to include gathering data, analysis, and reporting Assist in developing an Exploitation Analyst training plan by instructing, evaluating, and mentoring junior, mid, and senior analysts Receive, review, and implement directed Higher Headquarters Tasking Orders (HHQ) and/or Fragmentary Orders weekly Perform Cyber Threat Emulation (CTE) actions with Automated Security Validation toolset as directed by HHQ Execute CTE actions within the approved network zones with the specific adversary tactics, techniques, and procedures Create custom dashboards and reports to communicate post engagement analysis of each CTE engagement, including identified vulnerabilities, recommended remediation steps, assessment of the system's security posture, and incident response to government within a specified amount of time after completion of engagement Draft and submit Cyber Tasking Orders (CTOs) to remediate issues found in report finding during CTE actions Collaborate with the Cyberspace Domain Awareness (CDA) to develop evaluation criteria and methodologies aligned with HHQ inspection requirements and industry best practices Other duties as assigned
Requirements
Education/Training:
Experience:
Security:
Physical Requirements:
Benefits
Salary: $120,000.00 - 132,000.00
Salary rates for this position are competitive and commensurate with experience and industry standards. We offer a comprehensive benefits package that may include health insurance, paid time off, and retirement savings options.
Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM) Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture Analyze correlated assets, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation Measure effectiveness of defense-in-depth architecture against known vulnerabilities Generate vulnerability assessment reports for customers and escalate for further review Support Incident Response across the enterprise IAW DoD regulations and instructions Lead cyber events and incident investigations from start to conclusion, to include gathering data, analysis, and reporting Assist in developing an Exploitation Analyst training plan by instructing, evaluating, and mentoring junior, mid, and senior analysts Receive, review, and implement directed Higher Headquarters Tasking Orders (HHQ) and/or Fragmentary Orders weekly Perform Cyber Threat Emulation (CTE) actions with Automated Security Validation toolset as directed by HHQ Execute CTE actions within the approved network zones with the specific adversary tactics, techniques, and procedures Create custom dashboards and reports to communicate post engagement analysis of each CTE engagement, including identified vulnerabilities, recommended remediation steps, assessment of the system's security posture, and incident response to government within a specified amount of time after completion of engagement Draft and submit Cyber Tasking Orders (CTOs) to remediate issues found in report finding during CTE actions Collaborate with the Cyberspace Domain Awareness (CDA) to develop evaluation criteria and methodologies aligned with HHQ inspection requirements and industry best practices Other duties as assigned
Requirements
Education/Training:
- Bachelor's degree in Cybersecurity, Computer Science or related field
- DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CySA+, GICSP, GSEC, Security+ CE, SSCP) required
- Must have, or obtain within 6 months of start date, a PenTest+ certification
Experience:
- 6+ years of directly related professional experience
- Experience should include performing manual or automated penetration testing in an enterprise environment
- Practical experience with vulnerability assessment, cybersecurity frameworks, or conducting risk assessments
- Experience performing the full life cycle of incident response and enterprise-level monitoring
- Experience with Cyber Threat Emulation tools, policies, and procedures
- Experience operating custom software on top of a Linux platform
- Experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)
- Experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc.
- Experience performing security compliance scans across a WAN (ACAS/Nessus preferred)
- Background in configuration, troubleshooting, and deployment of host-based security (ESS preferred)
- Familiarity with DoD Security Operations Centers (SOC) (aka CSSP) preferred
- Familiarity with DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures preferred
Security:
- Must be a US citizen
- Candidate must be in possession of a minimum DoD issued Secret Clearance and eligibility for TS/SCI
- Candidates with active current TS/SCI preferred
Physical Requirements:
- Able to occasionally reach with hands and arms
- Prolonged periods of computer screen use, while sitting or standing at a desk
- Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.)
- Able to safely lift and carry up to 20 pounds at a time
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Short Term & Long Term Disability
- Training & Development
- Wellness Resources
Salary: $120,000.00 - 132,000.00
Salary rates for this position are competitive and commensurate with experience and industry standards. We offer a comprehensive benefits package that may include health insurance, paid time off, and retirement savings options.
group id: 10290392
