Cyber Defense Incident Responder(Sign-On Bonus!!)

JOB DESCRIPTION:

ASRC is hiring an Incident Responder to support onsite in Quantico, VA. This position has been approved for hybrid support (2 days onsite/3 days remote).

The Incident Responders support includes continuous monitoring, data to include but not limited to network and host vulnerability scanning IDS, firewall, network sensor tuning, net flow/packet capture (PCAP). Collect and keep audit data to conduct a technical analysis relating to misuse, penetration, or other incidents.

Traffic analysis, vulnerability analysis, cyber threat hunting, wireless scanning, end point security analysis, vulnerability analysis, network access control, network and computer forensics investigations, insider threat support, web traffic analysis, and various cybersecurity application/tools installed on (servers, workstations, to include maintenance and upkeep of the server. https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/

Analysis reports, forensics investigations, trend reports. Analysis reports are conducted daily, covering the Security Information and Event Manager (SIEM), end point security, network access control, and vulnerability scanners, threat hunt operations. Analysis reports are produced daily covering 30 plus activities that are used to depict current network security and any anomalous activity.

BASIC QUALIFICATIONS:

• Knowledge of computer network defense concepts, DISA Security Technical Information Guides, DoD A&A Process, NIST SP 800-53, NIST SP 800-61, CJCSM 6510.01 B, United States Cyber Command guidelines, and other applicable DoD Cybersecurity and Computer Network Defense Policies Cybersecurity and Computer Network Defense policies

• Experience developing and reporting metrics, preferably in a near-real time dashboard or common operating picture

• Develop, maintain, and provide a weekly brief that captures all the cyber events including metrics and trends

• Liaise with internal and external partners at all levels, government, and private sector, in order to benefit the organization and provide for more uniform situational awareness and common defense

• Correlate warning intelligence and attack sensing and warning (AS&W) data to search for advanced, persistent, and coordinated threats across the enterprise

• Analyze impact of cyber warning intelligence and AS&W

• Strong knowledge of Forescout Software

#Broadleaf

YEARS EXPERIENCE:

At least two (2) Years System Level Cybersecurity Experience to include Incident response and Threat Hunting

EDUCATION REQUIREMENTS:

Bachelor's Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information Technology

CERTIFICAITON(S):

8570 IAT Level II required e.g., CCNA-Security, CySA+, GICSP, GSEC, Security+CE, CND, SSCP or Higher tiered certification

In addition to the above, CEH or the like e.g., Pentest+, OSCP, CSSP-IR is preferred

CLEARANCE LEVEL:

Active Top Secret Required and eligibility for TS/SCI

WORK ENVIRONMENT AND PHYSICAL DEMANDS:

This is primarily a Telework position with a requirement to be onsite at least two (2) days a week at Quantico Marine Corps Base VA.

If alternate worksite is other than DCSA facilities or corporate office space, must have the reliable ability to communicate over voice (cell phone preferred) and stable, capable internet connection.

Must speak English well enough to communicate complex technical ideas to a diverse customer both verbally and in written form.