Incident Response Lead

About The Position

Requirements

• Bachelor's degree and 8 years of experience or 12 years with a HS Degree/Diploma.
• Experience in WATCH Operations Center or Security Operations Center (SOC) Knowledge and understanding of customer service techniques.
• Experience in using the Remedy and ServiceNOW ticketing suite
• A willingness to learn new tools and technologies and take on new responsibilities as assigned
• Must be a US Citizen.
• Must be able to obtain and maintain the required agency clearance.

Nice To Haves

• Experience working with a customer service oriented environment
• Experience providing service desk/call center support Knowledge of Microsoft Office suite
• Security+ certification
• Customer and detail oriented and possess good decision-making ability

Responsibilities

• Collect and analyze event information and perform threat or target analysis duties.
• Provide operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems.
• Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events.
• Manages and executes first-level responses and addresses reported or detected incidents.
• Reports to and coordinates with external organizations and authorities.
• Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers.
• Provides daily summary reports of network events and activities and delivers metric reports.
• Provides detection, identification, and reporting of possible cyber, physical, and communications threat
• Performs cyber, physical, and communications incident trend analysis and reporting functions
• Characterizes and preforms analysis of potential threat activities
• Performs Cyber, Physical, and Communications triage and make proper recommendations which enable expeditious remediation
• Interact with government Program Manager for the service desk regarding operational issues
• Ensure timely and effective response to internal and external mission partners
• Follow the appropriate incident escalation and reporting procedures
• Seek to improve the quality, productivity, and culture of the service desk environment
• Coordinate distribution of incidents and service requests
• Conduct effective shift transition actions and procedures
• Duties may also include but are not limited to identifying, logging, categorizing, performing initial triage, routing, and resolving incidents and request
• Manage the lifecycle of incident and request tickets in accordance with interface agreements, performing customer relationship management activities with mission partners, internal coordination and follow up for distributed actions, and compliance with defined processes, procedures, work instructions, and program requirements.