ALTA IT Services
Job Location : Washington, DC, USA
Posted on : 2025-08-12T19:06:20Z
Job Description :
Cyber Defense Incident Responder
1st shift - 7am-3:30pm
Washington, DC - onsite
All candidates must be open/flexible for all shifts in this 24/7 environment.

Responsibilities:
• Respond to cyber incidents, including responding to SOC IR phone calls and SOC emails from the client and customer POCs
• Provide support in the detection, response, mitigation, and reporting of cyber threats affecting internal and external clients' networks
• Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in the cyber security operations center
• Develop documentation, reports, and briefs, and review SOPs with the customer to give an accurate depiction of the current threat landscape and the associated risk affecting the clients' networks
• Provide analysis of correlated information sources to the client when notified by the Cyber SOC Team Lead or the Government Watch Officer
• Act as a Subject Matter Expert in investigations of potential incidents at the SOC Tier 1 level
• Analyze and report cyber threats, and assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
• Work with SOC federal staff, the Shift Lead, and the Senior Analyst to analyze, triage, contain, and remediate security incidents
• Follow the Federal IRP, SOC SOPs, and other prudent documentation procedures to work effectively while keeping an eye towards process improvement and effectiveness
• Knowledgeable on multiple technology and system types
• Able to articulate the incident response lifecycle

Qualifications:
• Bachelor's with 8+ years of cyber defense incident handling experience (or commensurate experience)
• 7+ years of SOC experience, 3+ years working in a senior/lead capacity
• Direct experience executing Incident Handling and Response activities
• Understanding of security tools and the security stack
• Working knowledge of Splunk
• Basic understanding of network protocols and packet analysis tools
• Cyber security background
• Certification: Splunk Fundamentals I & II and one or more advanced certifications, including but not limited to CISSP, GCIH, GCIA
• Clearance required: ability to maintain a Public Trust clearance