Incident Response Analyst - active TS/SCI clearance

Job Description

Overview

Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism.

As an Incident Response Analyst, you will be at the forefront of defending against cyber-attacks, orchestrating swift and effective responses to security incidents, and mitigating risks to organizational assets. Your role will involve proactive monitoring, rapid detection, thorough investigation, and decisive action to contain and remediate security breaches. This position offers an exciting opportunity to apply your expertise in incident response methodologies, digital forensics, and threat intelligence to protect sensitive data, preserve organizational reputation, and uphold cybersecurity resilience.

This position offers company-paid housing and transportation, a completion bonus and tuition reimbursement program!

You must satisfy all host country requirements to legally work in the host country to include but not limited to the ability to obtain and maintain a host nation visa and host nation driver's license in order to be qualified for this position.

Responsibilities

• Monitor security alerts and logs from various sources to promptly detect and triage potential security incidents, prioritizing based on severity and impact.
• Conduct in-depth investigations into security incidents, employing digital forensics techniques and tools to analyze evidence, identify root causes, and determine the extent of compromise.
• Take immediate action to contain security incidents, prevent further unauthorized access, and eradicate malicious activity from affected systems and networks.
• Perform forensic analysis on compromised systems, networks, and digital artifacts to gather evidence, reconstruct events, and support incident response efforts.
• Proactively search for indicators of compromise (IOCs), anomalous behavior, and emerging threats within organizational environments to detect and mitigate potential security breaches.
• Collaborate closely with cross-functional teams, including IT, security operations, legal, and senior management, to coordinate incident response activities and communicate effectively throughout the incident lifecycle.
• Prepare detailed incident reports documenting findings, actions taken, and lessons learned from security incidents for internal stakeholders, regulatory compliance, and potential legal proceedings.
• Conduct post-incident analysis and lessons learned sessions to identify areas for improvement in incident response processes, procedures, and controls.
• Stay abreast of the latest cyber threats, attack techniques, and security technologies through ongoing training, knowledge sharing, and participation in industry forums and communities.
• Ensure compliance with relevant regulatory requirements, industry standards, and organizational policies related to incident response, data protection, and cybersecurity.
• Perform trend analysis on events and incidents to identify and characterize threats.
• Conduct open-source research to identify commercial exploits or vulnerabilities, including Zero-Day threats, necessitating prompt response actions.
• Prepare comprehensive formal reports and presentations tailored for both technical and executive audiences.
• Configure and optimize software and hardware-based detection and prevention mechanisms.
• Assist in Computer Defense Assistance Program (CDAP) missions as requested by clients.
• Stay abreast of the latest cybersecurity threats, technologies, and best practices.
• Collaborate with cross-functional teams to elevate the overall cybersecurity posture.
• Maintain current knowledge of relevant compliance requirements and ensure adherence.
• Mentor and provide guidance to junior team members.
• Collaborate with external organizations and agencies to share threat intelligence and enhance collective cybersecurity capabilities.
• Performs other duties and assignments as required.

Qualifications

• Qualifications
• Security Clearance:
  • Requires an active Top Secret Clearance with SCI
• Education / Certifications: One year of related experience may be substituted for one year of education if degree is required.
  • Associate's degree or equivalent experience preferably in Computer Science or MIS, IS, Engineering or related field.
  • This position requires candidates to adhere to DoD 8570.01M.
  • All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline Environment (BE) certifications cannot also be used as a Computing Environment (CE) certification.
  • The authorized certifications for this job title are listed as follows:
• BASELINE:
  • Cisco: CyberOps Professional
  • Cisco: CCNA: Certified Network Associate - Security
  • CompTIA: Cloud+ ce
  • CompTIA: CySA+ ce: Cybersecurity Analyst
  • CompTIA: PenTest+
  • CyberSec: CFR: First Responder
  • EC-Council: CEH: Certified Ethical Hacker
  • EC-Council: CHFI: Certified Hacking Forensic Investigator
  • GIAC: GCFA: Certified Forensic Analyst: Certified Forensic Analyst
  • GIAC: GCIA: Certified Intrusion Analyst
  • GIAC: GCIH: Certified Incident Handler (Cannot be used as a dual qualifier)
  • GIAC: GICSP: Industrial Cyber Security Professional
• COMPUTING ENVIRONMENT (CE):
  • EC Council: CIH: Certified Incident Handler
  • GIAC: GCFA: Certified Forensic Analyst
  • GIAC: GCIA: Certified Intrusion Analyst
  • GIAC: GCIH: Certified Incident Handler (Preferred) (Cannot be used as a dual qualifier)
  • GIAC: GCWN: Certified Windows Security Administrator
  • GIAC: GDAT: Defending Advanced Threats
  • GIAC: GREM: Reverse Engineering Malware
  • GIAC: GSEC: Security Essentials
  • Offensive Security: Certified Expert
  • Offensive Security: Certified Professional
• Experience: One year of related academic study above the high school level may be substituted for one year of experience up to a maximum of a 4-year bachelor's degree in a Business Information Systems discipline for three years general experience.
  • At least five (5) years of practical experience working with various data (network and system) technologies, with a minimum of two of those years focused on information systems security, cyber threats and SIEM event analysis.
  • Experience with a customer service-oriented company.
• Skills & Technology Used:
  • Ability to troubleshoot servers and infrastructure equipment.
  • Ability to assess networking requirements and provide solutions.
  • Ability to make accurate and independent decisions under pressure.
  • Ability to perform comfortably in a fast-paced, deadline-oriented work environment.
  • Ability to successfully execute many complex tasks simultaneously.
  • Visualization of quantitative (numerical) or qualitative information.
  • Excellent interpersonal, organizational, written, verbal communication, and briefing skills.
  • Excellent analytical and problem-solving skills.
  • Threat Intelligence and visualization technologies.
  • Security enclave engineering.

At V2X, we are deeply committed to both equal employment opportunity, including protection for Veterans and individuals with disabilities, and fostering an inclusive and diverse workplace. We ensure all individuals are treated with fairness, respect, and dignity, recognizing the strength that comes from a workforce rich in diverse experiences, perspectives, and skills. This commitment, aligned with our core Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation, and expand our success in the global marketplace, ultimately enabling us to best serve our clients.

#LI-YG1 #clearance