Incident Response Analyst - DMDC Program - Secret

06 Jan 2024
California, Seaside, 93955 Seaside USA

Incident Response Analyst to support our DoD client located in Seaside, CA. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The key responsibilities listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Primary focus will be on the containment, restoration, investigation, and reporting of activities related to computer security incidents.

Key Responsibilities:
  • Support all aspects of Computer Security Incident Response activities for a large enterprise
  • Conduct analysis of cyber incidents and remediate or recommend remediation as appropriate in accordance with established incident response processes (detection, triage, incident analysis, remediation and reporting)
  • Conduct highly technical examinations, analysis and reporting of computer based evidence related to security incidents (intrusion artifacts/IOCs) or investigations
  • Reconstruct events from network, endpoint, and log data
  • Support personnel to scope, contain, and eradicate cyber incidents
  • Support vulnerability and penetration testing
  • Ensure the secure handling of digital evidence and matter confidentiality
  • Identify recurring incidents within a customer’s environment and determine the need to escalate to the appropriate technical resources, ensuring resolution of more complex issues
  • Recognize potential successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
  • Assist with implementation of countermeasures or mitigating controls as needed
  • Request and analyze on-demand system audits or vulnerability assessments when necessary to determine compliance
  • Be responsible for quality control of incident reports
  • Close incidents and prepare incident reports of analysis methodology and results
  • Communicate effectively and articulate the identified issues and resolution steps to bring the customer’s incident to a resolved state
  • Engage customers in a professional manner, resolving requests and incidents with a high sense of urgency and ownership
  • Track, measure and evaluate Incident Response compliance across the enterprise

Candidate may also provide general technical cybersecurity support in the areas of vulnerability assessment, risk assessment, network security, and security implementation. Additional general duties include implementation and support for protecting the confidentiality, integrity and availability of sensitive information; providing input into the design of IS contingency plans; and conducting testing and audit log reviews to evaluate the effectiveness of current security measures.

Technologies Desired:
  • Experience applying troubleshooting techniques across various server, application, and network technologies including:
    • Operating systems – Windows, RHEL and relevant DoD STIGs
    • Networking knowledge – TCP/IP, inspection tools, and network devices.
    • ArcSight, FireSIGHT
    • DoD tools - vulnerability scanners (ACAS/Nessus) and HBSS (McAfee ePO and point products)
    • Wireshark

Required experience:
3+ years of related cyber analysis and incident response experience

Required Qualifications:
  • Must have Active DoD Secret clearance or higher with completed SSBI/T5, and an ability to obtain and maintain a Top Secret clearance
  • Security+ CE and ONE of the following: CEH, CFR, CCNA Cyber Ops, CySA+, GCFA, GCIH, SCYBER (may consider obtaining upper level certification within 90 days)
  • Knowledge of DoD security policies and practices
  • Excellent communication and analytical skills
  • Experience with incident response processes (detection, triage, incident analysis, remediation and reporting).
  • Willing to work overtime, holidays, and weekends as necessary

Desired Qualifications:
  • Experience in an enterprise environment (1500 servers plus 2500 workstations)
  • Knowledge of CJCSM 6510 policy and procedures
  • Experience with digital investigations including: incident handling and response, network and computer forensics, malware and memory analysis.
  • Experience with ServiceNow or similar service management/ticketing systems
  • Ability to prioritize workload and competing demands

Job Details

  • ID: JC7895383
  • Job type: Contract
  • Salary: Depends on Experience
  • Hiring Company: ASD, Inc.
  • Date: 2021-01-05
  • Deadline: 2021-03-06
