Virginia Staffing
Cyber Security Engineer
Location: Springfield, VA
Type: Contract To Hire
Compensation: $135k
Security Clearance: TS/SCI

What You'll Get To Do:
- Coordinate and implement cyber security response tasks, including:
  - Performing analysis and documentation
  - Implementing containment measures (e.g., IP/domain blocks, disabling user accounts per Government direction)
- Coordinate with:
  - Security and Installations Directorate (SI)
  - Office of Counterintelligence (SIC)
  - Insider Threat Office (SIII)
  - Law enforcement and counterintelligence personnel for advanced incident triage
- Collaborate with appropriate authorities to produce security incident reports
- Categorize security incidents and events
- Ensure proper incident reporting, containment, and eradication by coordinating with:
  - Other contracts
  - Organizations
  - Activities and services
- De-conflict red/blue team activity with open incidents/events
- Ensure full recovery from incidents/events across the NGA enterprise
- Build timelines, briefings, documentation, and other products to inform stakeholders of:
  - Incident response actions
  - Adversary activities
  - Blue force (defensive) responses
- Log detailed actions and analysis in the authorized ticketing system to enable full reconstruction of events

More About The Role:
- Generate and update incident reports in:
  - Joint Incident Management System (JIMS)
  - Incident Case Management System (ICMS)
  - Other authorized systems as directed
- Develop and execute (with Government approval) custom tools, scripts, and capabilities for data collection and incident response
- Perform digital forensics and media analysis on host, server, and network data, including:
  - Volatile/non-volatile memory
  - System artifacts
- Develop and disseminate indicators of compromise (IOCs) to cybersecurity stakeholders
- Provide adversary attribution and perform malware analysis/signature development
- Coordinate with CSOC Tier 1 & 2 teams to:
  - Remediate discrepancies
  - Provide recommendations to prevent reoccurrence

Position Requirements

You'll Bring These Qualifications:
- Bachelor's degree or 6+ years of cybersecurity experience (CSOS)
- Active TS/SCI clearance; ability to obtain polygraph
- DoDD 8140.01 and DoD 8570.01-M: IAT Level II CSSP Incident Responder
- Provide input and coordination for:
  - Daily CSOC Significant Activity Report
  - Daily CSOC Operations Update
  - Weekly CSOC Status Report
- Serve as a C-IRT member under Government C-IRT Commander direction
- Develop and coordinate courses of action with Government/contract stakeholders
- When authorized, execute Defensive Cyberspace Operations Internal Defensive Measures (DCO-IDM) on NGA networks
- Perform malware reverse engineering and digital media analysis
- Develop and execute custom scripts, tools, and capabilities (as authorized)
- Deliver incident investigation reports within 30 days of C-IRT stand-down, covering:
  - Full incident lifecycle
  - Host/network analysis
  - Recommendations for TTP improvements
- Conduct weekly Quality Control reviews of closed Tier 2 CSOC tickets to ensure:
  - Proper categorization
  - Thorough documentation
  - Appropriate notifications

These Qualifications Would Be Nice To Have:
- Master's degree
- IAT Level III certification