Information Systems Security Officer who will perform continuous system monitoring to identify malicious cyber-attacks while supporting the containment and remediation of IT threats. Additionally, this position will monitor networks and applications to identify a possible cyber-attack or intrusion and help coordinate and report on the cyber incident responses.
Key Responsibilities:
- Vulnerability Management actions, to include providing recommendations and implementing mitigations
- Conduct intrusion analysis and correlation of unauthorized activities; provide and implement recommendations to improve customer mitigation processes
- Perform threat insight processes to provide analysis to support mitigation and remediation activities
- Analyze cyber incidents, correlate incident details, and formulate and implement response actions with guidance from leadership
- Participate in Root Cause Analysis process and documentation capturing efforts taken to mitigate unauthorized actions
- Participate in the development of DCO tactics, techniques, and procedures
- Participate in the development of DCO concept of operations, processes, and procedures
- Identify security discrepancies and report and respond to security incidents
- Provide research and analysis in support of expanding programs and areas of responsibility
- Draft documentation for briefings, reports, and informational analyses
- Assist in the development of local Tactics, Techniques, and Procedures (TTPs)
- Participate in customer exercises (after duty hours may be required)
- Adhere to defined policies, master plans and schedules
- Complete all initial and annual training requirements and disclosures as outlined by BSTG
- Perform all other duties as required, consistent with the goals, objectives, and responsibilities of the department
Required Qualifications:
- 4+ years of relevant experience
- 2+ years of experience with a SIEM Tool (LogRhythm, Splunk)
- 2+ years of experience with employment of DoD cybersecurity requirements, policies, and procedures to include assessment and authorization activities
- Experience within a vSOC, SOC, or CSSP responding to cyber incidents
- Department of Defense Directive (DoDD) 8140 (formerly DoDD 8570) IAT CSSP Certification must be obtained prior to hire (CEH, CCNA Security, GCIH, CySA+ or Equivalent)
- Bachelor's degree in Computer Science, Information Technology, or a related field
- US Citizenship and an active Top Secret/SCI security clearance required
Desired Qualifications:
- Experience performing cybersecurity activities in support of software and system requirements, design, development, testing, and sustainment
- Experience with HBSS, ACAS, SCAP Compliance Checker (SCC), DISA STIGs
- Working knowledge of NIST 800-53 Security and Privacy Controls
- Experience with RHEL
- Experience in performing post-incident computer forensics without destruction of critical data
- Ability to provide guidance on DoD Cyber regulations and requirements to engineering and software development staff