Incident Response

GRIMM

Posted today
Secret
Senior Level Career (10+ yrs experience)
$110,000 - $150,000
No Traveling
IT - Security
Greenbelt, MD (On-Site/Office)

GRIMM Cyber, a market leader in offensive and defensive tailored cyber security solutions for commercial and government applications, is hiring Incident Response Specialists to help defend NASA enterprise networks against global cyber threats. Since 2013, GRIMM has delivered cybersecurity testing and research to harden avionics and satellite platforms, commercial products and applications, and Federal IT networks to improve cyber resilience. We are looking to grow our team of cyber security professionals committed to client excellence, professional development, and growing technical knowledge for real-world applications.

This position is for onsite delivery of Incident Response (IR) services local to NASA Goddard Space Flight Center (GSFC), in Greenbelt, MD.

• LOE: Full-time (ASAP – 9/30/2027)
• Location: NASA Goddard Space Flight Center (GSFC), Greenbelt, MD
• CyberSystems Security Engineer 3
• Delivery type: On-site
• Travel Requirements: N/A
• Earliest Start Date: ASAP

Summary of role and responsibilities
Apply an understanding of monitoring, analyzing, detecting, and responding to cyber events and incidents in information systems and networks. Contribute to an integrated, dynamic cyber defense and leverage cybersecurity solutions to deliver cybersecurity operational services, including intrusion detection and prevention, situational awareness of network intrusions, security events and data spillage, and incident response actions. Contribute to the development of innovative principles and ideas, work on unusually complex problems, and provide solutions that are highly creative. Handle major, high-impact incidents, generate clear, concise recommendations, and coordinate activities and professional communications across a range of stakeholders. Work closely with security teams to develop, tune, automate, and enhance network and host-based security devices, support the Security Operations Center (SOC) with managing the response to client cyber intrusions, perform extensive network and host triage, maintain strict chain-of-custody, analyze documentation and reports, and perform remediation, as required.

Basic qualifications
• 12+ years of experience in cyber security or information technology disciplines
• 3+ years of experience with Advanced Persistent Threat (APT) hunting, penetration testing, digital forensics, malware reverse engineering, SOC operations, or incident response
• Experience with Incident Response tools such as SentinelOne, Splunk, or Microsoft Defender
• Ability to adapt communication styles and messaging for professionals at all levels of leadership
• Secret clearance
• Bachelor's degree
• OSCP, CCNA-Security, CySA+, GCIH, GICSP, or PenTest+ certification or similar industry-recognized certification

Additional qualifications
• Ability to detect and search for MITRE ATT&CK TTPs and common attacker methodologies using PCAP data with tools such as Wireshark
• Ability to analyze Security Information and Event Management (SIEM) alerts to identify security issues for investigation and remediation
• Ability to profile and track malicious actors that pose a threat in coordination with threat intelligence support teams
• Ability to review and analyze security log files from various sources, including cloud, network, endpoint, or ICAM
• Ability to be self-driven, work independently, and handle multiple tasks concurrently
• TS/SCI clearance

Clearance Requirements
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
group id: 90760744