Cyber Defense Incident Responder

4 weeks ago


Location: Washington, D.C., United States | Employer: Z FEDERAL | Full time
Job Summary

Z FEDERAL is seeking a highly skilled Cyber Defense Incident Responder to support a full range of cyber security services on a contract in Washington DC. The position is full-time/permanent and will support a U.S. Government civilian agency.

Key Responsibilities:

  • Develop content for cyber defense tools.
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Coordinate with enterprise-wide cyber defense staff to validate network alerts.
  • Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Perform cyber defense trend analysis and reporting.
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
  • Identify and analyze anomalies in network traffic using metadata.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).

Requirements:

  • Bachelor's degree.
  • 1-3 years' experience in introductory information assurance, networks, sensor operations, network/data analysis, packet capture analysis, hunt methodologies, and intelligence analysis.
  • Certifications addressing new attack vectors (with emphasis on cloud computing technology, mobile platforms, and tablet computers), new vulnerabilities, and existing threats to operating environments.
  • Strong written and verbal communication skills.
  • Ability to interpret the information collected by network tools (e.g., Nslookup, Ping, and Traceroute).
  • Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
  • Knowledge of incident response and handling methodologies.
  • Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
  • Experience with system administration, network, and operating system hardening techniques.
  • Knowledge of cyber defense and information security policies, procedures, and regulations.
  • Knowledge of the common attack vectors on the network layer.
  • Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
  • In-depth understanding of cyber attackers (e.g., script kiddies, insider threats, non-nation-state-sponsored actors, and nation-state-sponsored actors).
  • Knowledge of various types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).
  • Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip).

Preferred Experience:

  • Experience in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
  • Ability to analyze malware, conduct vulnerability scans, and recognize vulnerabilities in security systems.
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • Experience evaluating the adequacy of security designs.
  • Skill in using incident handling methodologies.
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Experience with using protocol analyzers and collecting data from a variety of cyber defense resources.
  • Experience reading and interpreting signatures (e.g., Snort).
  • Experience assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework).
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Z FEDERAL is a professional services firm located in Greenbelt, MD. Founded in 1983 to provide IT and management consulting services to the Federal Government, we have established a proven track record of reliable performance in the Federal marketplace. Z FEDERAL has a history of long-term commitment to our Federal customers and our employees.

Z FEDERAL offers:

  • Ownership via ESOP.
  • Self-directed 401K and annual company match.
  • Up to four weeks of paid time off (PTO).
  • 11 paid federal holidays.
  • Other forms of leave, such as bereavement, jury duty, and military leave.
  • Full health benefits: medical and vision; dental (employee-paid).
  • Life Insurance.
  • Short and Long Term Disability, AD&D Insurance.
  • Flexible Spending Account (Medical and Dependent Care).
  • Performance-based bonuses.
  • Tuition Reimbursement.
  • Incentive and referral bonuses.
  • Commuter benefits.
  • Professional Development and Training.
  • Years of Service Reward and Recognition Program.

Z FEDERAL's commitment to employee growth and development is proven and valued by our staff. We want our employees to excel, grow professionally and take on increasingly responsible roles.
