Incident Response Officer

1 month ago


San Antonio, United States CareerBuilder Full time

Lackland Air Force Base, San Antonio, TX, USA

Req #6383
Tuesday, April 9, 2024
STS Systems Support, LLC (SSS) is seeking an Incident Response Officer (Intermediate)
Requirements:
Active TS/SCI
Extensive knowledge of network firewalls, computer and server log analysis, computer network servers (DNS, proxy, e-mail, domain controller, file server, Active Directory) and analysis of their logs; extensive knowledge of digital evidence collection, handling and security
Experience with computer incident response and analysis and report dissemination
Extensive knowledge and experience with network packet capture and analysis software such as Wireshark (Ethereal) and Snort
Experience with standard DoD network topology and DMZ boundary protection
Experience with system analysis software (i.e. EnCase/EnCase Enterprise or FTK), software coding and debugging, and the virtual machine (VM) environment.
Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects)
BA/BS or MA/MS
Duties:
Upon identification of suspicious activity on AF networks, open network intrusion investigation(s) to validate the unauthorized activity and determine the type and extent of activity.
Participate and contribute to lessons learned meetings and briefings.
When CAT events are escalated to incident response, complete incident response process, including: preparation, identification and scoping, containment, eradication and remediation, recovery, and lessons learned.
Provide AF Office of Special Investigations (OSI) DCO technical support to law enforcement and counter-intelligence agencies and activities if required.
Support planned and same-day Incident Response deployments.
Comply with 3rd party MOU/MOA monitoring and reporting requirements. Analyze host DCO events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities. (CDRL A002)
Conduct cyber investigations in order to determine the initial vector and overall timeline of intrusion, accurately identify the threat, determine the full scope of impact, and develop containment and remediation actions for approval.
Author and review incident report forms (IRF) for security incidents within JEMS. Ensure the document is accurate and provides the correct amount of technical detail needed. (CDRL A008)
Generate end of mission reports (MISREPS) and provide pass-on information for knowledge transfer to subsequent crews of analysts on duty regarding the latest suspicious traffic seen from a given port, Internet Protocol (IP), etc. with no more than a 5% error rate.
Provide computer security-related support to AF field units (examples: 688 Cyber Wing Squadrons, Base Communications Squadrons, Mission Defense Teams), as directed by CCC, in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of AFIN SOC operational requirements and mission execution.
Initiate emergency checklists due to imminent threat, as directed by Crew Commander. Call emergency responders (Security Forces/Fire Department etc.) if needed via 911. The Crew Commander is responsible for all official reporting.
Inform Crew Commander of all anomalies to include, but not limited to: utility outages, flooding, sick/missing members, or any other irregularity with the potential to adversely impact the mission.
Participate in planning, briefing, and debriefing tasks as directed by CDO Mission Lead or Crew Commander.
Provide feedback on detection mechanisms that are both true and false positive events to ESM and Content Development as applicable.
When assigned as CDO Mission Lead, assign tasks to CDOs as prioritized by the Crew Commander, accounting for all required mission systems and functions.
Design incident response plans (IRP) as directed by the Crew Commander. Ensure CDOs are briefed on objectives, ROEs, plans, contingencies, and applicable TTPs.
Accomplish assigned weapon system access, ORM, Go/No Go, reports, TTP updates, and TAR submissions.
Coordinate with CDO, FMA, DCC, ESM, CTE&A, and intelligence as required. Provide force presentation recommendations to Crew Commander.