Job Requirements
Arlington, VA
Top Secret/SCI Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
If you are interested in this opportunity. Please forward a copy of your updated resume in words format to lli@base-one.com
Responsibilities:
• Serves as hunt and incident response subject matter expert (SME), applying in-depth knowledge on threat actor (TA) tools, techniques, and procedures (TTPs)
• Distills analytic findings into executive summaries and in-depth technical reports
• Provide expert support, analysis, and research with only broad direction into exceptionally complex problems and processes relating to the subject matter as it relates to hunt and incident response activities
• Serves as technical expert on high-level incident response teams providing technical direction, interpretation, and alternatives
• Exercises considerable latitude in determining technical objectives of an assignment or task at hand
• Independently develops technical solutions to complex problems that require the regular use of ingenuity and creativity
• Analyzes incident data and victim environments to recommend targeted mitigations
• Advise technical personnel on countermeasure implementation and customization
• Supports internal stakeholders on containment and eradication missions
• Documents analysis in a standardized knowledgebase for sharing and publication
• Assists in maintaining branch process and procedure documentation
• Guides the completion of hunt and incident response activities
Required Skills:
o U.S. Citizenship
o Must have an active TS/SCI clearance
o Must be able to obtain DHS Suitability
o 8+ years of directly relevant experience in the area of expertise
o Must be able to travel domestically on short notice
o Strong understanding of network architecture/security
o Experience performing cyber incident response
o Ability to think independently
o Demonstrates superior written and oral communication skills
o Must be able to work collaboratively across physical locations
o Skilled in identifying different classes of attacks and attack stages
o Understanding of system and application security threats and vulnerabilities
o Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources
o Proficiency with common operating systems (e,g, Linux/Unix, Windows)
Desired Skills:
o Experience leading and mentoring technical teams
o Knowledge of Computer Network Defense policies, procedures and regulations
o Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
o Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
o Network and System administration experience
o Strong understanding of adversarial tactics/techniques/procedures (TTPs)
o Experience with Identity and Access Management (IAM) tools
o Ability to review and analyze Enterprise Architecture (EA) from a security perspective
o Understanding of cyber defense-in-depth principles
o Hands-on skill in host/network intrusion detection
o Ability to perform event correlation
o Experience with malicious activity analysis
o Ability to collaborate with stakeholders at multiple levels within an organization
Required Education:
BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10+ years of technical experience in the area of expertise.
Desired Certifications: One or more
- DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst
- DoD 8140.01 GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
- DoD 8140.01 CEH, CSSP Analyst
- SANS GIAC GNFA preferred
- SANS GRID, GICSP, or GCIP a plus
Notes:
Arlington based, on-site position.
Responsibilities:
• Serves as hunt and incident response subject matter expert (SME), applying in-depth knowledge on threat actor (TA) tools, techniques, and procedures (TTPs)
• Distills analytic findings into executive summaries and in-depth technical reports
• Provide expert support, analysis, and research with only broad direction into exceptionally complex problems and processes relating to the subject matter as it relates to hunt and incident response activities
• Serves as technical expert on high-level incident response teams providing technical direction, interpretation, and alternatives
• Exercises considerable latitude in determining technical objectives of an assignment or task at hand
• Independently develops technical solutions to complex problems that require the regular use of ingenuity and creativity
• Analyzes incident data and victim environments to recommend targeted mitigations
• Advise technical personnel on countermeasure implementation and customization
• Supports internal stakeholders on containment and eradication missions
• Documents analysis in a standardized knowledgebase for sharing and publication
• Assists in maintaining branch process and procedure documentation
• Guides the completion of hunt and incident response activities
Required Skills:
o U.S. Citizenship
o Must have an active TS/SCI clearance
o Must be able to obtain DHS Suitability
o 8+ years of directly relevant experience in the area of expertise
o Must be able to travel domestically on short notice
o Strong understanding of network architecture/security
o Experience performing cyber incident response
o Ability to think independently
o Demonstrates superior written and oral communication skills
o Must be able to work collaboratively across physical locations
o Skilled in identifying different classes of attacks and attack stages
o Understanding of system and application security threats and vulnerabilities
o Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources
o Proficiency with common operating systems (e,g, Linux/Unix, Windows)
Desired Skills:
o Experience leading and mentoring technical teams
o Knowledge of Computer Network Defense policies, procedures and regulations
o Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
o Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
o Network and System administration experience
o Strong understanding of adversarial tactics/techniques/procedures (TTPs)
o Experience with Identity and Access Management (IAM) tools
o Ability to review and analyze Enterprise Architecture (EA) from a security perspective
o Understanding of cyber defense-in-depth principles
o Hands-on skill in host/network intrusion detection
o Ability to perform event correlation
o Experience with malicious activity analysis
o Ability to collaborate with stakeholders at multiple levels within an organization
Required Education:
BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10+ years of technical experience in the area of expertise.
Desired Certifications: One or more
- DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst
- DoD 8140.01 GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
- DoD 8140.01 CEH, CSSP Analyst
- SANS GIAC GNFA preferred
- SANS GRID, GICSP, or GCIP a plus
Notes:
Arlington based, on-site position.
group id: baseone