(Cyber) Incident Management Analyst - Hybrid

Nightwing

$80K — $110K *
Education, Government & Non-Profit
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • U.S. Citizenship is required
  • Active TS/SCI clearance is mandatory
  • Must obtain DHS Suitability
  • 2+ years in cyber incident management or cybersecurity operations
  • Knowledge of incident response and handling methodologies
  • Familiarity with NCCIC National Cyber Incident Scoring System
  • Recognition of various attack stages and types of vulnerabilities

Responsibilities

  • Research and compile resolution steps for potential Computer Network Defense incidents
  • Apply knowledge of threat actor tactics to identify and validate threats
  • Detect and defend against intrusions in IT networks
  • Conduct cursory analysis of log data for incidents
  • Identify incident causes and relevant questions for external entities
  • Track and document Computer Network Defense incidents
  • Coordinate with organizational components to share information on incidents

Benefits

  • Collaborative and innovative work environment
  • Opportunity to work with talented individuals in cybersecurity
  • No mention of specific benefits, indicating potential for personalization or competitiveness in offerings
Full Job Description
Nightwing is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize of the severity of breaches, develop mitigation plans, and assist with the restoration of services. Nightwing is seeking a Cyber Threat Analyst to support this critical customer mission.

Responsibilities:

- Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise

- Applying knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation state threat actors to identify and validate threats

- Applying cybersecurity concepts to the detection and defense of intrusions into small, and large-scale IT networks, and conduct cursory analysis of log data

- Conducting cursory analysis of log data

- Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident

- Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution

- Working with other components within the organization to obtain and coordinate information pertaining to ongoing incidents.

- Limited candidates may be hired for shift work; assigned to set schedules, triaging and researching incidents for Indicators of Compromise (IOCs), escalating to specialized analysts

Required Skills:

- U.S. Citizenship

- Must have an active TS/SCI clearance

- Must be able to obtain DHS Suitability

- 2+ years of directly relevant experience in cyber incident management or cybersecurity operations

- Knowledge of incident response and handling methodologies

- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident

- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)

- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of basic system administration and operating system hardening techniques
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and attack methods (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)

- Must be able to work collaboratively across physical locations

Desired Skills:

- Knowledge of basic system administration and operating system hardening techniques
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and attack methods (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)

Required Education:

BS Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 4-6 years of incident management or cyber security experience.

Desired Certifications:

GCIH, GCFA GISP, GCED, CCFP or CISSP

Arlington, VA

Previously part of a leading Fortune 100 company and headquartered in Dulles, VA; Nightwing became independent in 2024 but continues to support the nation's most mission impactful initiatives.

Similar Jobs

More Jobs at Nightwing

More Education, Government & Non-Profit Jobs

Find similar (Cyber) Incident Management Analyst - Hybrid jobs: