Incident Manager II

Solutions3 LLC

$90K — $120K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • US Citizenship required
  • Active TS/SCI clearance needed
  • 2+ years in cyber incident management or cybersecurity operations
  • Bachelor's in Incident Management, Operations Management, Cybersecurity, or related field, or HS Diploma with 4+ years of experience
  • Knowledge of incident response methodologies and NCCIC Cyber Incident Scoring System

Responsibilities

  • Research and compile mitigation strategies for Computer Network Defense incidents
  • Apply knowledge of various threat actor tactics to identify and validate threats
  • Detect and defend against intrusions into networks and analyze log data
  • Monitor external data sources for updates on Cyber Defense threat conditions
  • Identify incident causes and key inquiry elements for external entities
  • Analyze network alerts and determine causes
  • Document and track Cyber Network Defense incidents from detection to resolution

Benefits

  • Support for ongoing professional development
  • Opportunity to work with U.S. Government agencies
  • Collaborative environment across multiple locations
  • Exposure to cybersecurity best practices and incident response techniques
  • Engagement with high-profile critical infrastructure security incidents
Full Job Description
Title: Incident Manager II

Description:
Solutions³ LLC is supporting our prime contractor and their U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution.

Solutions³ LLC is seeking Cyber Case Manager to perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services.

Eligibility:
  • Must be aUS Citizen
  • Must have anactive TS/SCIclearance
  • Must be able to obtainDHS Suitabilityprior to starting employment
  • 2+ years of directly relevant experience in cyber incident management or cybersecurity operations
Responsibilities Include:
  • Researching and compiling known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
  • Applying knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation state threat actors to identify and validate threats
  • Applying cybersecurity concepts to the detection and defense of intrusions into small, and large-scale IT networks, and conduct cursory analysis of log data
  • Conducting cursory analysis of log data
  • Monitoring external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat condition and determine which security issues may have an impact on the enterprise
  • Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident
  • Receiving and analyzing network alerts from various sources within the enterprise and determine possible causes of such alerts
  • Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution
  • Working with other components within the organization to obtain and coordinate information pertaining to ongoing incidents.
  • Providing support during assigned shifts
Required Skills:
  • Knowledge of incident response and handling methodologies
  • Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident
  • Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
  • Skill in recognizing and categorizing types of vulnerabilities and associated attacks
  • Knowledge of basic system administration and operating system hardening techniques
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
  • Must be able to work collaboratively across physical locations
Desired Skills:
  • Knowledge of basic system administration and operating system hardening techniques
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
Desired Certifications: GCIH, GCFA GISP, GCED, CCFP or CISSP
Required Education: BS Incident Management, Operations Management, Cybersecurity, or related degree; or HS Diploma with 4+ years of incident management or cyber security experience

Similar Jobs

More Jobs at Solutions3 LLC

More Information Technology Jobs

Find similar Incident Manager II jobs: