Sr Cyber Security - Incident Response

Expired Job

Wonese Washington, DC 20001

Posted 3 months ago

Our client is looking for a Senior Cyber Security Incident Response Analyst. You will assist in responding to security incidents in a mission-critical production environment, such as investigating and remediating possible endpoint malware infections and mitigating threats such as unauthorized use, spam and phishing. You will coordinate response, triage and recovery activities for security events affecting the company's information assets. You will report to the Cyber Security Incident Response Manager.


  • 5-7 years of Information Security or Incident Response related experience.

  • 2+ years of hands-on experience in at least two of the following areas: security operations, incident response, network/host intrusion detection, threat response.

  • Bachelor's degree in Information Security, Computer Science, Information Technology, a related field, or equivalent work experience.

  • Demonstrated experience in handling security events in mission-critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests.

  • Proven past experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc.

  • Good grasp of security incident response, such as different phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IOCs), etc.

  • Experience analyzing system and application logs to investigate security issues and/or complex operational issues.

  • Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection).

  • Demonstrated experience using a SIEM (such as Splunk, LogRhythm, etc.) to investigate security issues and/or complex operational issues on Windows and Unix.

  • Strong knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).

Your Work Falls into Three Primary Categories:

Security Events and Incidents

  • Manage security events identified from the enterprise SIEM tool, Threat Intelligence, end user notifications, etc. to determine security risk and respond accordingly.

  • Coordinate response, triage and escalation of security events affecting the company's information assets and activities within the Incident Response team.

  • Categorize, prioritize, and normalize an event to determine if it meets the threshold of a potential incident, and declare an incident if required, following the documented process.

Communication and Collaboration

  • Effectively collaborate within Information Security with the Security Operations, Threat Intel, Forensics, Threat Detection and Vulnerability Management teams, as well as external teams in various lines of business, to enable enhancements in Freddie Mac's security posture.

  • Present security analysis, action plans and risks to different audiences (business, technical and management), adjusting the delivery accordingly, using either structured or ad-hoc presentations, and establish consensus.


  • Augment the Incident Response team to ensure 24/7 coverage and operations. Responsibilities will occasionally require working evenings and weekends, sometimes with little or no advance notice.

  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats. Provide guidance to junior analysts on Incident Response activities.

Base Salary and relocation provided for this role.

Please email me your Word-format resume along with your contact information.

Similar Jobs

Cyber Security And Incident Response Specialist

Threatconnect, Inc.

Posted 3 weeks ago

Company Description

ThreatConnect® arms organizations with a powerful defense against cyber threats and the confidence to make strategic business decisions. Founded in 2011, ThreatConnect (then called CyberSquared) started servicing government agencies on specialized cybersecurity contracts while building its platform. Officially launched in 2013, the ThreatConnect Platform has grown to more than 20,000 users worldwide. Today, ThreatConnect provides a suite of products designed to meet the threat intelligence aggregation, analysis and automation needs of security teams at any maturity level - built on the industry's only intelligence-driven, extensible security platform. Whether you want to work on building a world-class security platform or as a member of the services team, you will enjoy a career that truly makes an impact. For more information on the benefits of working at ThreatConnect, visit

Job Description

ThreatConnect is looking for highly motivated and experienced analysts with currently active U.S. Government Top Secret security clearances to fill positions on government contracts within the DC/NoVA/MD region. If you are sought after as an expert in your field and looking for a company that will both value and reward your expertise, take a look at what ThreatConnect has to offer.

Requirements

As a Network Security and Incident Response Specialist, you will support a high profile government client's cyber security efforts. Specifically, you will identify, detect and remediate cyber intrusions through analysis of network and host based artifacts. Key responsibilities and duties for this position include:

  1. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.

  2. Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.

  3. Evaluate firewall change requests and assess organizational risk.

  4. Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.

  5. Assists with implementation of counter-measures or mitigating controls.

  6. Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

  7. Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.

  8. Prepare incident reports of analysis methodology and results.

  9. Maintain current knowledge of relevant technology as assigned.

  10. Participate in special projects as required.

  11. Responsible for the analysis and triage of network anomalies that should be considered Events of Interest (EOI). Will provide basic assessment of the anomaly; designate it as an EOI and coordinate response with CND response team.

  12. Responsible for escalating EOIs to Responders in a timely manner, with all required information to ensure the response team may act upon it accordingly.

  13. Must have a good understanding of networks at a packet level. Must be able to analyze packet captures at the expert level.

  14. Must have experience using CND tools to detect network attack; these tools are:

      - Enterprise Security Information and Event Management Systems (SIEM).
      - Intrusion detection and prevention systems (IDS; IPS).
      - Web Content monitoring systems (WebSense; Bluecoat).
      - Firewall and syslog logs.

  15. Assists with implementation of counter-measures or mitigating controls. Must be able to review multiple data sources to gather Indications and Warnings and Attack Sensing and Warnings information.

Benefits

We work hard to reward our employees for their hard work. We offer a competitive benefits package with comprehensive insurance coverage, paid time off, and unique perks designed to help you meet your financial and personal goals.

We are committed to offering an employment experience and benefits package that enables you and your family to grow with us and to share in our success. We love to recognize our employees who have gone above and beyond, and offer incentives like quarterly awards, an employee bonus and referral program, and team-building outings.

MEDICAL

Full-time employees are eligible for health coverage effective from the first of the next month hired. The premiums are at no cost to the employee. We pay your premiums for individuals and families!

  • Medical coverage

  • Prescription drug coverage

  • Dental coverage

  • Vision coverage

  • Company-paid short-term and long-term disability

  • Company-paid life insurance and AD&D coverage

FINANCIAL

401K retirement savings plan with company matching program of up to 6%.

Cell phone reimbursement

WORK-LIFE BALANCE

  • 10 Paid Federal Holidays

  • Accrued Paid Time Off (PTO) for vacation/sick time and holidays. 15 days (3 weeks) for new employees with the ability to accrue up to 25 days (5 weeks)

  • Birthday day off

  • Employee recognition program with quarterly awards

  • Employee referral program of up to $5,000 per full-time hired referral

  • Education Reimbursement program up to $5,250 for job-related college courses and professional training

  • Company-provided refreshments at our Headquarters

  • Quarterly events with your geographic team

  • Annual company party

Threatconnect, Inc. Washington DC