Cyber Incident Response Analyst with Security Clearance
3 weeks ago
Direction and coordination are achieved through a shared incident tracking system and other means of coordination and communication
Primary Responsibilities
• Lead and mentor a team of cybersecurity analysis, fostering a collaborative and high-performance culture.
* Provide expert analysis investigative support of large scale and complex security incidents, and in many cases identify incidents for which a technical detection may not be available.
* Ensure compliance with relevant regulations and standards guiding the SOC into maintaining its security posture.
* Identify patterns/outliers within data sets that match threat actor TTPs, post compromise behavior, and otherwise unusual activity, such as insider threat.
* Create and modify security SIEM dashboards to clearly identify scope of findings, or monitor activity
* Drive implementation and improvement of new tools, capabilities, frameworks, and methodologies
• Instill and reinforce industry best practices in the domains of incident response, cybersecurity analysis, case and knowledge management, and SOC operations
• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise.
* Promote and drive implementation of automation and process efficiencies
• Provide guidance and mentorship to improve analyst skill sets and ensure delivery of high-quality analysis and work products
• Establish trust and business relationships with customer and other relevant stakeholders Basic Qualifications All Incident Response Analyst candidates shall have a minimum of a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS eight (8) years of experience in incident detection and response, malware analysis, and/or cyber forensics
Additional 4 years of experience may be substitute in lieu of degree.
• 4+ years of supervising and/or managing teams
• 5+ years of intrusion detection and/or incident handling experience
• Advanced knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large and complex Enterprise
* In-depth knowledge of each phase of the Incident Response life cycle
* Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
* Understanding of Enterprise Network Architectures to include routing/switching, common protocols (DHCP, DNS, HTTP, etc.), and devices (Firewalls, Proxies, Load Balancers, VPN, etc)
* Expertise of Operating Systems (Windows/Linux) operations and artifacts
* Significant experience supervising and leading employees of various labor categories and technical skill levels in efforts similar in size and scope to a mature Security Operation
• Mature understanding of industry accepted standards for incident response actions and best practices related to SOC operations;
• Strong written and verbal communication skills, and the ability to create technical reports based on analytical findings.
• Strong analytical and troubleshooting skills
Certification Requirement: One of the following: CASP, CYSA+, CLNP, Pentest+, GCIH, GCFA, GCFE, GREM, GISF, GXPN, GWEB, GNFA, GCTI, GOSI, OSCP, OSCE, OSWP, OSEE, CCFP, CISSP, CCNA-Security, CCNP-Security Security Clearance Required:
• Active TS/SCI clearance to be considered
• Must be US Citizen
* In addition to specific security clearance requirements, all SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program. Preferred Qualifications
• Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
• Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization including prior experience performing large-scale incident response.
• Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
• Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments
Original Posting Date: 2024-04-17
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above
Pay Range: Pay Range $101,400.00 - $183,300.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary
Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
-
Incident Response Analyst
3 weeks ago
Ashburn, United States Agile Defense Full timeAgile Defense We are in the business of innovation through information technology and cybersecurity, delivered exceptionally. View company page Agile Defense provides leading-edge Digital Transformation solutions to support and advance our customers' mission. We deliver innovative and high-quality services to our customers worldwide through an empowered and...
-
Ashburn, United States Anonymous Employer Full timePrimary Responsibilities • Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies. • Perform web app pentests • Perform vulnerability risk assessment • Perform physical pentests and social engineering • Perform cyber incident response as needed for programs Basic Qualifications Bachelors'...
-
Cyber Network Defense Analyst
2 weeks ago
Arlington, VA, United States ZP Group Full timeCyber Network Defense Analyst - Level IV Arlington, VA Job Id: 87992 Job Category: Other Job Location: Arlington, VA Security Clearance: TS/SCI Business Unit: ZP Group Division: Not Defined Position Owner: Trudee Wooden Zachary Piper Solutions provides remote and onsite advanced technical assistance, proactive...
-
Cyber Network Defense Analyst Level III
1 week ago
Arlington, VA, United States ZP Group Full timeCyber Network Defense Analyst Level III Arlington, VA Job Id: 87991 Job Category: Other Job Location: Arlington, VA Security Clearance: TS/SCI Business Unit: ZP Group Division: Not Defined Position Owner: Trudee Wooden The DHS’s Hunt and Incident Response Team (HIRT) secures the Nation’s cyber and...
-
Cyber Threat Detection Engineer SME
2 weeks ago
Ashburn, United States CareerBuilder Full timeBS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on cyber security or Masters with 6 years of prior relevant experience. Should have 5 years of experience serving as a digital media Primary Responsibilities Identify gaps in malicious activity detection capabilities Create new...
-
Quincy, MA, United States State Street Corporation Full timeWho are we looking for: State Street seeks to recruit an Early Career Cyber Security Operations Center (SOC) analyst that will assist in the detection, triage, analysis and response to cyber-attacks. The analyst will join our SOC team which will run a 24/7 coverage, 365 days a year model, with a partner team in Ireland. The SOC team is responsible for...
-
Cyber Security Operations Center
4 days ago
Quincy, MA, United States State Street Corporation Full timeState Street seeks to recruit a SOC Manager for its Cyber Defense Center. The SOC Manager will help lead the triage, analysis and response to cyber-attacks. Join us in evolving our response capabilities to protect State Street, its customers and partners from ever-evolving and sophisticated threat actors. State Streets Cyber Fusion Center is responsible for...
-
Linux Cyber Security Engineer
1 week ago
Ashburn, United States Gray Tier Technologies LLC Full timeGray Tier Technologies is seeking a Linux Cyber Security Engineer who is a self-starter with good analytical and problem-solving skills, flexibility, good judgment, and the ability to work on concurrent tasks in an effective manner. Will be a member of a multi-disciplined team working in a high pressure, fast paced environment. Responsibilities will include...
-
Detection Engineer- Secret Cleared
2 weeks ago
Ashburn, United States Federal Staffing Solutions Inc. Full timeJob DescriptionJob DescriptionWe connect our employees with some of the best opportunities around.Time and time again, our employees tell us that the most important thing we offer is respect. Federal Staffing Solutions puts people to work in all types of jobs. When you work with us, you build a relationship with a team of employment professionals in your...
-
Senior Penetration Tester
1 week ago
Ashburn, United States Gray Tier Technologies LLC Full timeDepartment of Homeland Security (DHS), Enterprise Security Operations Center (ESOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents...
-
Senior Penetration Tester
2 weeks ago
Ashburn, United States Gray Tier Technologies Full timeDepartment of Homeland Security (DHS), Enterprise Security Operations Center (ESOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents...
-
Senior Penetration Tester
2 days ago
Ashburn, United States Gray Tier Technologies LLC Full timeDepartment of Homeland Security (DHS), Enterprise Security Operations Center (ESOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents...
-
Penetration Tester
3 days ago
Ashburn, United States Gray Tier Technologies LLC Full timeGray Tier Technologies is looking for a Penetration Tester to support Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) which is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security...
-
Quincy, MA, United States State Street Corporation Full timeWho we are looking for State Street's Global Cyber Security (GCS) Third Party Cyber Risk Management (TPCRM) program seeks to mitigate a variety of third-party information security risk in accordance with the Bank's cyber risk appetite. Through a framework that addresses policy, process, operations, people, and technology, GCS protects our infrastructure,...
-
Project Engineer Jr/ Project Manager
3 weeks ago
Ashburn, United States Base One Technologies Full timeThe Engineer will be leading critical SOC engineering projects including projects such as launching applications into the AWS Cloud, Splunk logging, and SIEM implementation, etc. The Project Engineer will need to work with the customer to prioritize operational issues, engineering activities, and development efforts, and drive the schedule to completion....
-
Protective Security Officer
4 weeks ago
Ashburn, United States Master Security Full timeJob DescriptionJob DescriptionMaster Security is a leading provider of security services to government and private sector clients in the North Capitol Region. With a history of reliability spanning more than 50 years, Master Security continues to provide focused, experienced, and professional security personnel and security solutions.Master Security is...
-
Cyber Audit, Assistant Vice President
5 days ago
Boston, MA, United States State Street Corporation Full timeWho we are looking for We are looking for a highly skilled and experienced Cyber Auditor, Assistance Vice President to join our global cyber audit team. To succeed in this role, you need to have a deep understanding of cyber risks processes, controls, industry standards, and should have a strong knowledge of NIST, MITRE, and Defense in Depth concepts. You...
-
Mid-Level System Security Analyst
1 week ago
Ashburn, United States AgileTek Solution LLC Full timeMinimum Job Requirements: This role serves as a “hands-on” mid-level security analyst who will be responsible for interfacing with the security engineering, operations and build teams, assisting with the development and/or maintenance of various POAMs, input to System Security Plans (SSP) and associated documentation for multiple environments, gathering...
-
Mid-Level System Security Analyst
2 days ago
Ashburn, United States AgileTek Solution LLC Full timeMinimum Job Requirements: This role serves as a “hands-on” mid-level security analyst who will be responsible for interfacing with the security engineering, operations and build teams, assisting with the development and/or maintenance of various POAMs, input to System Security Plans (SSP) and associated documentation for multiple environments, gathering...
-
Responsive Security Specialist
2 weeks ago
Honolulu, HI, United States Securitas Inc. Full timeResponsive Security SpecialistWe help make your world a safer place.Securitas is a global company that offers the most advanced and sustainable security solutions in the industry. We are located in 47 countries and have 355,000 employees worldwide and over 150,000 clients.Securitas plays an essential role for our clients and in society. The Security Officer...
