Cyber Incident Response Analyst with Security Clearance
2 weeks ago
Primary Responsibilities
Coordinate investigation and response efforts throughout the Incident Response lifecycle
Correlate and analyze events and data to determine scope of Cyber Incidents
Acquire and analyze endpoint and network artifacts, volatile memory, malicious files/binaries and scripts
Recognize attacker tactics, techniques, and procedures as potential indicators of compromise (IOCs) that can be used to improve monitoring, analysis and Incident Response.
Develop, document, and maintain Incident Response process, procedures, workflows, and playbooks
Tune and maintain security tools (EDR, IDS, SIEM, etc.) to reduce false positives and improve SOC detection capabilities
Document Investigation and Incident Response actions taken in Case Management Systems and prepare formal Incident Reports
Create metrics and determine Key Performance Indicators to drive maturity of SOC operations
Develop security content such as scripts, signatures, and alerts
Basic Qualifications
Requires a minimum of a Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS four (4) years of professional experience in incident detection and response, malware analysis, or cyber forensics.
Must have at least one of the following certifications:
SANS GIAC: GCIH, GCIA, GCFA, GPEN, GCFE, GREM
CISSP
OSCP, OSCE, OSWP
Must have current TS/SCI. In addition to specific security clearance requirements, all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
Preferred Qualifications
In-depth knowledge of each phase of the Incident Response life cycle
Expertise in Operating Systems (Windows/Linux) operations and artifacts
Understanding of Enterprise Network Architectures to include routing/switching, common protocols (DHCP, DNS, HTTP, etc.), and devices (Firewalls, Proxies, Load Balancers, VPN, etc.)
Ability to recognize suspicious activity/events, common attacker TTPs, and perform logical analysis and research to determine root cause and scope of Incidents
Be familiar with Cyber Kill Chain and have utilized the ATT&CK Framework
Have scripting experience with Python, PowerShell, and/or Bash
Ability to independently prioritize and complete multiple tasks with little to no supervision
Flexible and adaptable self-starter with strong relationship-building skills
Strong problem-solving abilities with an analytic and qualitative eye for reasoning
Potential for Telework: No
Clearance Level Required: Top Secret/SCI
Travel: No
Scheduled Weekly Hours: 40
Shift: Day