Cyber Security Incident Responder

Criterion Systems, Pensacola, FL 32501

Posted 3 months ago

At Criterion Systems, we developed a different kind of business, a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. We are seeking a Cyber Security Incident Responder to support a position in Pensacola, FL.

Purpose

Criterion is supporting a U.S. Government customer on a large mission-critical development and sustainment program to design, build, deliver, and operate a network operations environment, including introducing new cyber capabilities to address emerging threats. In support of the customer's strategic direction, Criterion is looking for qualified individuals who can support a customer in the detection, response, mitigation, and reporting of cyber threats affecting client networks. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development in order to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level, please visit our website: www.criterion-sys.com.

Primary Accountabilities

  • Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks

  • Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations

  • Produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk. Accomplish this through the use of customer, community, and open source reporting

  • Provide analysis for correlated information sources

  • Facilitate the customer's posturing itself to aggressively investigate cyber activity targeting customer information and its information infrastructure

  • Assist the customer training department in the education of staff on the cyber threat

  • Liaise with other government cyber threat analysis entities, such as intra-agency and inter-agency Cyber Threat Working Groups

  • Maintain proficiency in the use and production of visualization charts, link analysis diagrams, and database queries

  • Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions

  • Additional duties may include providing intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments

  • Meet and maintain customer required Information Assurance training compliance

  • Ability to support shift work

Minimum Qualifications

  • 4 years of experience with a Bachelor of Science Degree with a major in Cyber Engineering, Computer Science/Electrical Engineering, Engineering, Science or related field. An additional 8 years of related work experience may be substituted for a degree.

  • Must have active Top Secret/Sensitive Compartmented Information (TS/SCI)security clearance

  • Must be a U.S. Citizen

  • 4 years hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:

  • Experience in computer intrusion analysis and incident response

  • Intrusion detection

  • Computer network surveillance/monitoring

  • Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures

  • Experience in computer evidence seizure, computer forensic analysis, and data recovery

  • Computer network forensics

  • System log analysis

  • Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks

  • Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)

  • Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks

  • Demonstrated ability to document processes

  • The ability to respond to crises objectively

  • Proficiency with MS Office Applications

  • Must be able to work collaboratively across agencies and physical locations

Preferred Qualifications

  • Experience supporting DHS, Federal Civil, Intelligence and/or DoD Customers

  • Computer Forensics experience

  • Malware reverse engineering experience

  • Experience with Risk and Opportunity management

  • Scripting experience (Python, Perl, etc.)

  • Experience with process development and deployment

  • Excellent writing skills

  • Prior experience with data visualization products such as Analyst Notebook is desired

  • Prior experience with Splunk

  • Prior experience working in one of the following highly desired:

  • Security Operations Center (SOC/NOSC)

  • Computer Emergency Response Team (CERT/CIRT)

  • DOD/FED Cyber Intel organization

  • DCIO/MCIO, with Cyber Counterintelligence focus

  • Additional Technical CND Incident Reporter Certification (CEH, GCIH, GCIA, GNFA)

  • DoDI 8570.01-M IAT Level I Compliant Certification (Network + CE, A+ CE, CCNA + Security, SSCP)

Criterion Systems is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.

