Cyber Action Officer

NewGen

$90K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • U.S. Citizenship required
  • Active TS/SCI Clearance mandatory
  • Ability to obtain DHS Suitability
  • Bachelor's in Incident Management, Cybersecurity, or related field; HS Diploma with 7-9 years of relevant experience considered
  • 5+ years of experience in cyber incident management or operations
  • Strong knowledge of incident response and threat handling methodologies
  • Exceptional written and verbal communication skills.

Responsibilities

  • Manage cyber incidents through the entire incident response lifecycle.
  • Create and keep routine reports of cyber incidents in official records.
  • Coordinate with stakeholders, internal and external customers.
  • Validate and evaluate information for optimal incident response actions.
  • Track and update cases and tickets accurately and on time.
  • Draft operational summaries and present to leadership levels.
  • Maintain knowledge objects in the system of record consistently.
  • Manage threats and vulnerabilities by recognizing diverse attack types.

Benefits

  • Opportunity to support U.S. Government missions directly.
  • Work in a critical role within cyber security operations.
  • Engage with various stakeholders, enhancing professional network.
  • Access to ongoing training and professional development opportunities.

Full Job Description

Our Partner is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. We are seeking a Cyber Action Officer to support this critical customer mission.

Responsibilities:
  • Supporting the management of cyber incidents through the incident response lifecycle.
  • Creating and maintaining routine reporting of cyber incidents in official systems of record, to include case management systems and ticketing.
  • Coordinating with internal and external customers, partners, and stakeholders.
  • Ingesting, validating, and evaluating information to determine optimal courses of action, to include providing response support to requesting entities.
  • Updating and tracking cases and tickets with accuracy, timeliness, reliability, and consistency.
  • Drafting summaries of ongoing operations and providing oral presentations to various levels of leadership.
  • Maintaining knowledge objects in system of record consistently and professionally.
  • Threat and vulnerability management to recognize and categorize types of vulnerabilities, threat actors, and different operational threat environments, and associated attacks (MITRE ATT&CK framework).
  • Knowledgeable of network security monitoring and/or security operations analysis, system administration, operating system hardening, cyber hygiene techniques, and cybersecurity defense policies, procedures, and regulations.
Requirements:
  • U.S. Citizenship
  • Active TS/SCI Clearance
  • Must be able to obtain DHS Suitability
  • BS in Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 7-9 years of incident management or cyber security experience.
  • 5+ years of directly relevant experience in cyber incident management or cybersecurity operations
  • Knowledge of incident response, threat hunting, and handling methodologies
  • Ability to track multiple active engagements, personnel or equipment deployments, as well as coordinate with internal and external stakeholders.
  • Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incidents
  • Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
  • Skill in recognizing threat actor campaigns, tactics, techniques, and procedures
  • Familiar with basic system and network administration, traffic analysis techniques, Computer Network Defense policies, procedures and regulations
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
  • Excellent oral and written communication skills
Desired Skills:
  • GCIH Certification
  • Familiarity with different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
  • Familiarity with system and application security threats and attack methods (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
