Mid Cyber Defense Analyst / Incident Responder IRES – SSFB/HSV Position Available In Madison, Alabama

Mid Cyber Defense Analyst / Incident Responder

IRES – SSFB/HSV

Amentum – 3.8 Redstone Arsenal, AL Job Details Full-time $114,600 – $139,600 a year 2 days ago Benefits Employee stock purchase plan Paid holidays Disability insurance Relocation assistance Health insurance Tuition reimbursement Paid time off Parental leave 401(k) matching Flexible schedule Qualifications Microsoft Powerpoint Microsoft Word Top Secret Clearance Computer science

GICSP CSSP

Analyst Microsoft Excel Management Security analysis LAN CompTIA CySA+ Visio Mid-level Windows Microsoft Office Host/hostess experience Information security Master’s degree High school diploma or GED CEH Firewall Nessus Bachelor’s degree IDS DoD 8570 Computer networking Linux IAT Cybersecurity Associate’s degree CompTIA Security+ CSSP Incident Responder IAT Level II Leadership SSCP Under 1 year

Full Job Description Position Title:

Mid Cyber Defense Analyst /

Incident Responder Location:

Schriever Space Force Base, Colorado Springs, CO or Redstone Arsenal, Huntsville, AL Relocation Assistance:

None available at this time

Remote/Telework:

NO – Not available for this position

Clearance Type:

DoD Secret Shift:

Day shift (Mon-Fri)

Travel Required:

Up to 25% of the time #cjpost

Description of Duties:

The Mid Cyber Defense Analyst / Incident Responder supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract.

The candidate will:

Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM). Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture. Perform preliminary analysis, identification, and response actions to detect, characterize, and respond to cyber incidents

IAW CJCSM 6510.01B.

Lead event/incident investigations from start to conclusion, to include gathering data, analysis, and reporting. Properly document all steps in the incident response process while taking care to preserve and protect incident artifacts, evidence, and chain of custody. Analyze correlated assets, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture. Support a Cyber Defense Analyst and Cyber Defense Incident Responder training plan by instructing, evaluating, and mentoring Junior Cyber Defense Analyst and Cyber Defense Incident Responders. Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation. Leverage actionable Cyber Threat Intelligence data to search for indicators of compromise and develop SIEM content/signatures to detect known attack patterns and make recommendations for improvements. Coordinate with

CSSP-CERT

subscribers to develop current configurations, rules, and signatures for cyber security related toolsets. Coordinate with

CSSP-CERT

subscribers to notify, investigate, and remediate discrepancies in security logging and

CSSP-CERT

alignment. Provide standardized and targeted training in support of

CSSP-CERT

subscriber cyber defense and incident response programs. Review data of ongoing intrusions or cybersecurity incidents and report, analyze, and document/report the findings in accordance with

CJCSM 6510.01B

guidelines. Provide support to internal and external Insider threat and law enforcement / counterintelligence (LE/CI) agencies during cyber incidents / investigations.

The successful candidate will:

Have experience with most MS Office applications (Word, Excel, PowerPoint, and Visio). Be able to multi-task and prioritize various projects and assignments in a dynamic work environment in order to meet scheduled/unscheduled customer requests. Be willing to travel 25% of the time. Be willing to work rotating shifts in a 24x7x365 operational environment and respond quickly to emergencies as needed. Resumes, in month and year format, must be submitted with application in order to be considered for the position. The selected candidate may be assigned as an employee for one of our teammate companies.

Basic Requirements:

Must have one of the following combinations of education and experience: HS Diploma (or GED) and 6 years of general experience; Associate’s degree and 4 years of general experience; Bachelor’s degree and 2 years of general experience; Master’s degree and 0 years of general experience Must have 4 years of directly related experience in information security, physical security, cybersecurity, or a combination. Must have 1 year experience in management or leadership in a team environment. Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) – (CySA+, GICSP, GSEC, Security+ CE, SSCP) Must have a DoD 8570.01-M CSSP Analyst, Incident Responder, and Auditor certification (CEH or CySA+ cover all three) Must have an active DoD Secret Security Clearance.

Desired Requirements:

Have a Bachelor’s degree, or higher, in Cybersecurity, Computer Science or related field Have experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux) Have experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Forward Proxy, Spam Firewall, etc. Have experience analyzing security compliance scans performed across a WAN (ACAS/Nessus preferred) Have experience analyzing network and host-based threats (ESS preferred) Be able to mentor and train personnel in an evolving, high-paced environment Be familiar with DoD Security Operations Centers (SOC) Be familiar with DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures Have an active DoD Top Secret clearance This position is expected to pay $114,600 – $139,600 annually; depending on experience, education, and any certifications that are directly related to the position. This position will be posted for a minimum of 3 days. If a candidate has not been selected at that time, it will continue to be posted until a suitable candidate is selected or the position is closed. Our health and welfare benefits are designed to invest in you, and in the things that you care about. Your health. Your well-being. Your security. Your future. Typical benefits offered include flexible work schedules, educational reimbursement, retirement benefits (401K match), employee stock purchase plan, health benefits, tax saving options, disability benefits, life and accident insurance, voluntary benefits, paid time off and paid holidays, and parental leave.