Senior Cyber Incident Handling Analyst

Job Description

Overview

This position description is subject to change at any time as needed to meet the requirements of the program or company.

Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism.

The Defensive Cyber Operations (DCO) division within the Regional Cyber Center - Europe (RCC-E) is looking for a candidate with strong scripting abilities, experience with systems security administration, and network security technologies. The Senior Cyber Incident Handling Analyst will design, implement, automate, maintain, and optimize measures protecting systems, networks, and information.

This position is contingent upon successful contract award to V2X.

#clearance

Responsibilities

Major Job Activities:

• Detect, document, and report potential or confirmed incidents and security issues.
• Analyze events utilizing Security Information Event Management (SIEM) systems, Big Data Analytics, and other supporting platforms or applications.
• Conduct incident handling actions in accordance to established procedures.
• Coordinate and perform incident response investigations.
• Conduct quality control of incidents and investigations to maintain compliance with applicable policies.
• Develop recommendations to enhance detection capabilities and implement mitigation measures in response to general or specific threats (attempted exploits, attacks, malware delivery, etc.).
• Assist in designing and integrating custom rules and reports within data collection platforms.
• Prepare technical summaries and briefings.
• Provide technical expertise regarding the defense of information systems and networks.
• Correlate event data to create situational awareness and trend analysis reports.

Material & Equipment Directly Used:

• Basic Office Equipment

Working Environment:

• Normal office environment
• May require support during periods of non-traditional working hours including nights or weekends.

Physical Activities:

• Must be able to lift / push / pull 40 lbs. unassisted.

Qualifications

Required Education / Certifications:

• Candidates must possess one of the following:
  • Education:
    • A Bachelor's degree in Engineering or Computer Science or Science or Business Administration or Mathematics plus five (5) years of specialized experience; OR
    • An Associate's degree plus seven (7) years of specialized experience; OR
    • A major certification plus seven (7) years of specialized experience; OR
    • 11 years of specialized experience.
  • OR, one of the following Certifications:
    • Certified Ethical Hacker - Professional (CEH(P))
    • EC-Council Certified Ethical Hacker (ECIH)
    • GIAC Response & Industrial Defense (GRID)
    • Rocheston Certified Cybersecurity Engineer, Level 1 (RCCE Level 1)
    • Cisco Certified CyberOps Associate (CBROPS)
    • Certified Cloud Security Professional (CCSP)
    • Certified Ethical Hacker (CEH)
    • CLOUD+
    • Federal IT Security Professional - Operator (FITSP-O)
    • GIAC Certified Enterprise Defender (GCED)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Security Essentials (GSEC)
    • PENTEST+
    • SECURITY+
    • CertNexus CyberSec First Responder (CFR)
    • Cybersecurity Analyst (CySA+)
    • GIAC Certified Forensic Analyst (GCFA)
    • GIAC Certified Intrusion Analyst (GCIA)
    • GIAC Global Industrial Cyber Security Professional (GICSP)
• Additionally , candidates must also possess at least one of the following certifications:
  
  • Cisco Cyber Ops Professional
  • GIAC Certified Enterprise Defender (GCED)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Continuous Monitoring (GMON)
  • GIAC Network Forensic Analyst (GNFA)
  • Blue Team Level 2
  • Microsoft Certified: Cybersecurity Architect Expert

Required Experience:

• Experience in monitoring intrusion detection and security information management systems to detect malicious and/or anomalous activity.
• Experience in triaging and evaluating the detected events to determine if an incident occurred.
• Ability to analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
• Experience in coordinating responses to incidents with both technical and non-technical parties.
• Knowledge of hacker techniques (TTPs) and exploits, including current security threat landscape.
• Experience documenting incidents from initial detection through final resolution.
• DCWF Proficiency Level: Intermediate - Cybersecurity (Cyber Defense Incident Responder) (531).

Clearance Requirement:

• This position requires an active Top Secret / Sensitive Compartmented Information (TS / SCI) Security Clearance.

Skills & Technology Used

• ArcSight, AESS, JRSS, IronPort, Security Onion, Gabriel Nimbus BDP

At V2X, we are deeply committed to both equal employment opportunity, including protection for Veterans and individuals with disabilities, and fostering an inclusive and diverse workplace. We ensure all individuals are treated with fairness, respect, and dignity, recognizing the strength that comes from a workforce rich in diverse experiences, perspectives, and skills. This commitment, aligned with our core Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation, and expand our success in the global marketplace, ultimately enabling us to best serve our clients.