Secret
Senior Level Career (10+ yrs experience)
IT - Security
Rosslyn, VA (On-Site/Office)
The Incident Management SME role will be located in Beltsville, MD or Rosslyn, VA. One day remote per week.
This role supports the Cyber Incident Response Team (CIRT) as a key member of the Incident Response Tiger Team.
The customer requires every employee to be onsite for the first 90 days. After the 90-day period, a hybrid schedule may be offered.
What you’ll do:
Provide Subject Matter Expert (SME) level incident management support in a 24x7x365 environment.
Share in-depth knowledge and intelligence gained from cyber security events with stakeholders.
Protect against and prevent potential cyber security threats and vulnerabilities.
Provide SME level response, technical assistance and expertise for significant cyber incidents, investigations and related operational events.
Conduct advanced analysis and recommend remediation steps.
Develop and implement training programs for incident handling analysts.
Conduct detailed research to increase awareness and readiness levels of the security operations center.
Review, draft, edit, update and publish cyber incident response plans.
Minimum Qualifications:
Ability to obtain a Top Secret security clearance is required; candidates can join with a Secret clearance.
Must have one of the following certifications:
CASP+ CE
CCNP Security
CISA
CISSP (or Associate)
CISSP-ISSAP
CISSP-ISSEP
GCED
GCIH
Ability to manage and resolve highly complex cyber incidents.
Ability to recommend sound countermeasures to malicious cyber activity.
Experience in the development of policies and procedures to investigate cyber incidents for the enterprise network.
Experience handling nation-state level cyber incidents.
Experience with evidence collection, custody and control procedures.
Experience in incident triage.
Perform cyber defense trend analysis and reporting.
Experience with the ServiceNow platform.
Demonstrated knowledge of the Incident Response Lifecycle.
Demonstrated ability to utilize and leverage forensic tools to assist in determining scope and severity of a cybersecurity incident.
Ability to identify remediation steps for cybersecurity events.
Strong organizational skills.
Proven ability to operate in a time-sensitive environment.
Proven ability to communicate orally and in writing.
Proven ability to brief (technical/informational) senior leadership.
Preferred Qualifications:
Experience developing processes and procedures within a help desk or security operations center environment.
Knowledge of network architecture, design and security.
Knowledge of malware analysis, monitoring, and cloud tools and techniques.
Knowledge of system design and process methodologies.
Experience in developing and delivering comprehensive training programs.
Experience collaborating with cross-functional teams.
Experience working in the inter-agency environment.
Ability to communicate technical concepts to executive-level leadership.