Posted today
Top Secret/SCI
Senior Level Career (10+ yrs experience)
Unspecified
IT - Security
Adelphi, MD (Off-Site/Hybrid)
Cybersecurity Engineer (TS/SCI required)
Engineering - Adelphi, MD - Full Time
This position is supporting US Army Command, Control, Computers, Communications, Cyber, Intelligence, Surveillance, and Reconnaissance (C5ISR) Defensive Cyber Solutions Branch (DCSB); performing the mission of network defense 24 hours a day, 7 days a week within a high-visibility DOD Security Operations Center (SOC).
Clearance required: TS/SCI
Certs Required: Sec+ or higher
Shift/Hours: 2pm-10pm
Location: Adelphi, MD
Onsite requirements: 2 days on site (3 days remote)
Primary Responsibilities
• Coordinate investigation and response efforts throughout the Incident Response lifecycle
• Correlate and analyze events and data to determine the scope of cyber incidents
• Acquire and analyze endpoint and network artifacts to determine impact
• Direct remediation efforts for affected subscribers
• Recognize attacker tactics, techniques, and procedures as potential indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and Incident Response
• Develop, document, and maintain Incident Response process, procedures, workflows, and playbooks
• Tune and maintain security tools (IDS and SIEM) to reduce false positives and improve SOC detection capabilities
• Document investigation and Incident Response actions taken in case management systems and prepare formal Incident Reports for affected subscribers
• Work in a dynamic and fast-paced
group id: RTL73977