Insight Global
TS SCI Incident Responder - Senior
Insight Global, Washington, District of Columbia, US, 20022
Position Overview:
The Incident Responder facilitates and coordinates with the FBI Deputy CISO, CISO, and other leaders to provide expert technical support to the enterprise-wide cyber defense technicians to resolve cyber defense incidents. Correlates incident data to identify specific vulnerabilities and makes recommendations that enable expeditious remediation of any attacks within the FBI networks. The contractor will respond to cyber incidents as necessary and act as a liaison between entities within the FBI as well as internal and external stakeholders within the organization.
Responsibilities:
Collects intrusion artifacts (e.g., source code, malware, trojans) and uses discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
Performs analysis of log files from a variety of sources to identify possible threats to network security.
Performs cyber defense incident triage, including determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
Performs cyber defense trend analysis and reporting.
Assists in Incident Response processes and in the enhancement of behavioral analytics, including the development of Concept of Operations and Standard Operating Procedures.
Develops and maintains models for cyber threat mitigation and improves on threat modeling.
Uses behavior analytics (UBA) and ensures all infrastructure components meet proper performance standards.
Coordinates and provides expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
Coordinates incident response functions.
Monitors external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise.
Performs initial, forensically sound collection of images and inspects them to discern possible mitigation/remediation on enterprise systems.
Receives and analyzes network alerts from various sources within the enterprise and determines possible causes of such alerts.
Writes and publishes after-action reviews.
Writes and publishes cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.
Writes, assists, and coordinates the annual FBI-wide Tabletop Exercise Training Event (TTX) in coordination with OCIO personnel.
Assists junior Incident Response Technicians in their tasks.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
In lieu of some experience, industry certifications can be substituted (e.g., ISC2 CISSP, EC-Council Certified Incident Handler (C|IH), EC-Council Certified Network Defender (C|ND), SANS GCIH, SANS GCIP, SANS CFCA, Carnegie Mellon University CSIH).
Requirements:
A minimum of 8+ years of experience is required for this position.
Active TS/SCI Clearance