REMEDIATION INCIDENT HANDLER

McLean, VA

Industry: ALKU:Gov SysNet Job Number: 130661

REMEDIATION  INCIDENT HANDLER

Candidate MUST HAVE a TS/SCI and Polygraph security clearance in order to be considered.

Program Description:

The contract provides Computer Network Defense and Analysis (CND) to the customer’ s network.  Because the customer allows their user community to access their personal email accounts while on site, there is a lot of spam hitting their network regularly.  This contract is responsible for the 24 x 7 x 365 protection of the customer’ s network from maliciously intended viruses and attacks on their network.

Day-to-Day Responsibilities:
  • The CIRT Remediation Incident Handler on this agency-level Cyber Security Operations and Engineering support contract performs the following duties:
  • Performs the detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities
  • Determines appropriate course of action in response to identified cyber security incidents or anomalous network activity
  • Correlates incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
  • Recommend enterprise protection measures based on incident trends
  • Prepares detailed recommendations for network defense improvements to close or mitigate incidents

Required
  • Snort, Splunk, WireShark, Fireye, TCPDump,
  • 3+ years in one or more of Networking, Systems Administration, Software Development, Cyber Incident Detection
  • Minimum of five years (SCSA) of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management
  • BS in an IT discipline (for CSA only: 8-10 years’ experience if no BS. Only 50% of CSA positions can use experience waiver)
  • Required Certifications:
  • SCSA- DOD 8570 IAT Level I or CND-IR
  • CSA- DOD 8570 IAT Level I or CND-A

Desired:
  • Experience using PowerShell
  • Experience using Splunk
  • Familiarity with the following classes of enterprise cyber defense technologies:
  • Security Information and Event Management (SIEM) systems
  • Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
  • Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
  • Network and Host malware detection and prevention
  • Network and Host forensic applications
  • Web/Email gateway security technologies

Job Type: Full Time 

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.