VetJobs
Cyber Incident Response Analyst (SME) - Hampton, VA (TS/SCI)
VetJobs, Hampton, Virginia, United States, 23661
Overview
5 days ago Be among the first 25 applicants Job Description Cyber Incident Response Analyst (SME)
— Location: Hampton, Virginia; Job Category: Information Technology; Time Type: Full time; Minimum Clearance Required to Start: TS/SCI; Employee Type: Regular; Percentage of Travel Required: Up to 10%; Type of Travel: Continental US The organization works with partner companies to source qualified talent for open roles. This position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers. If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps. Unless specifically stated otherwise, this role is On-Site. The Opportunity Seeking a Cyber Incident Response Analyst (SME) to join the Cyber Security Incident Response Team on the DCGS Management Center (DMC) program located at Langley AFB. The candidate should have a strong system administration background, be adept in Windows and Linux environments, have hands-on experience with ELK/Elastic Stack for threat detection and analysis, and be able to follow established Incident Response (IR) processes with minimal supervision. The successful candidate will perform the following responsibilities onsite. Responsibilities
Lead and assist in incident response investigations through all phases (detection, containment, eradication, recovery, lessons learned) to ensure the confidentiality, integrity, and availability of the OA DCGS weapon system. Utilize ELK/Elastic Stack to perform log analysis, threat detection, and investigations; create and maintain security incident reports and dashboards. Escalate and document internal/external security incidents through appropriate ticketing and reporting processing. Design, implement, and maintain cybersecurity SOPs and incident playbooks. Maintain documentation of IR processes and case notes; Ensure security testing and evaluations are completed and properly documented. Support proactive threat hunting and vulnerability assessments. Analyze and correlate logs from varied data sources to identify patterns and anomalies. Understand network protocols and establish baselines to identify abnormal activity. Perform cyber threat analysis and reporting on information from both internal and external sources and appropriately apply gathered cyber threat intelligence to defending the enterprise network. Apply knowledge of Zero-Day vulnerabilities and CVEs to incident handling and remediation. Collaborate with cross-functional teams and external stakeholders as needed. Provide guidance for securing information systems and support cyber vulnerability penetration assessments. Operate independently during shifts and respond to security alerts with urgency. Qualifications
Top Secret/SCI security clearance. Bachelor’s degree in IT Technology, Computer Science, or related field with 4+ years of experience. Degree may be substituted with additional years of experience. DOD 8140 (8570) IAT Level II (Security+ or equivalent). Strong system administration skills across Windows and Linux platforms. In-depth understanding of the Incident Response lifecycle. Proficiency in using the Elastic Stack (Elasticsearch, Logstash, Kibana). Familiarity with enterprise security tools and procedures. Strong problem-solving and analytical skills. Comfortable working with limited supervision in a shift-work setting. Availability to work weekends and holidays as part of our 24/7 operations. Desired: AF DCGS experience. Four to seven years of intelligence network communications or Systems Administration experience. Knowledge of security best practices and standards, including NIST, ISO, and SOC operations. Experience with AWS and/or other cloud security platforms. Background as an ISSO, including STIG/SCAP and vulnerability management. Familiarity with tools such as Tanium, Trellix, and ACAS. Understanding of network architecture and traffic analysis. Basic scripting skills (Python, PowerShell, Bash). Elastic certification or SME-level expertise. Effective written and verbal communication skills for documentation and collaboration. Other details Auto req ID: 458065BR Minimum Education Required: Bachelors Job Category: Information Technology City: Hampton State: Virginia Salary Range: $75,000-$100,000 Affiliates: CACI International Inc Seniority level: Mid-Senior level
#J-18808-Ljbffr
5 days ago Be among the first 25 applicants Job Description Cyber Incident Response Analyst (SME)
— Location: Hampton, Virginia; Job Category: Information Technology; Time Type: Full time; Minimum Clearance Required to Start: TS/SCI; Employee Type: Regular; Percentage of Travel Required: Up to 10%; Type of Travel: Continental US The organization works with partner companies to source qualified talent for open roles. This position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers. If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps. Unless specifically stated otherwise, this role is On-Site. The Opportunity Seeking a Cyber Incident Response Analyst (SME) to join the Cyber Security Incident Response Team on the DCGS Management Center (DMC) program located at Langley AFB. The candidate should have a strong system administration background, be adept in Windows and Linux environments, have hands-on experience with ELK/Elastic Stack for threat detection and analysis, and be able to follow established Incident Response (IR) processes with minimal supervision. The successful candidate will perform the following responsibilities onsite. Responsibilities
Lead and assist in incident response investigations through all phases (detection, containment, eradication, recovery, lessons learned) to ensure the confidentiality, integrity, and availability of the OA DCGS weapon system. Utilize ELK/Elastic Stack to perform log analysis, threat detection, and investigations; create and maintain security incident reports and dashboards. Escalate and document internal/external security incidents through appropriate ticketing and reporting processing. Design, implement, and maintain cybersecurity SOPs and incident playbooks. Maintain documentation of IR processes and case notes; Ensure security testing and evaluations are completed and properly documented. Support proactive threat hunting and vulnerability assessments. Analyze and correlate logs from varied data sources to identify patterns and anomalies. Understand network protocols and establish baselines to identify abnormal activity. Perform cyber threat analysis and reporting on information from both internal and external sources and appropriately apply gathered cyber threat intelligence to defending the enterprise network. Apply knowledge of Zero-Day vulnerabilities and CVEs to incident handling and remediation. Collaborate with cross-functional teams and external stakeholders as needed. Provide guidance for securing information systems and support cyber vulnerability penetration assessments. Operate independently during shifts and respond to security alerts with urgency. Qualifications
Top Secret/SCI security clearance. Bachelor’s degree in IT Technology, Computer Science, or related field with 4+ years of experience. Degree may be substituted with additional years of experience. DOD 8140 (8570) IAT Level II (Security+ or equivalent). Strong system administration skills across Windows and Linux platforms. In-depth understanding of the Incident Response lifecycle. Proficiency in using the Elastic Stack (Elasticsearch, Logstash, Kibana). Familiarity with enterprise security tools and procedures. Strong problem-solving and analytical skills. Comfortable working with limited supervision in a shift-work setting. Availability to work weekends and holidays as part of our 24/7 operations. Desired: AF DCGS experience. Four to seven years of intelligence network communications or Systems Administration experience. Knowledge of security best practices and standards, including NIST, ISO, and SOC operations. Experience with AWS and/or other cloud security platforms. Background as an ISSO, including STIG/SCAP and vulnerability management. Familiarity with tools such as Tanium, Trellix, and ACAS. Understanding of network architecture and traffic analysis. Basic scripting skills (Python, PowerShell, Bash). Elastic certification or SME-level expertise. Effective written and verbal communication skills for documentation and collaboration. Other details Auto req ID: 458065BR Minimum Education Required: Bachelors Job Category: Information Technology City: Hampton State: Virginia Salary Range: $75,000-$100,000 Affiliates: CACI International Inc Seniority level: Mid-Senior level
#J-18808-Ljbffr