Incident Response Technician - PD Specialist

About The Position

Requirements

• Must be legally authorized to work in the United States without the need for employer sponsorship now or at any time in the future.
• Bachelor's Degree in cybersecurity or related field.
• 4 years of experience identifying and investigating security incidents in a secure network environment.
• Experience in identifying current threats, vulnerabilities, and attack trends.
• Demonstrated experience with McAfee ePolicy Orchestrator, Splunk, RSA NetWitness Logs, or FireEye AX.
• Certified Incident Responder or equivalent certification.
• Active TS/SCI clearance.

Nice To Haves

• Master's degree in Cybersecurity or equivalent.
• Top Secret clearance with polygraph.

Responsibilities

• Perform malware and malicious file analysis.
• Provide initial analysis, documentation artifacts and escalate incidents to the Lead Incident Responder for detailed analysis remediation recommendations.
• Support advanced rule generation and/or trend analysis and correlation initiatives across the enterprise.
• Support in the creation of operational policies and identify documentation and/or technology process improvements and support implementations.
• Primarily target behavioral heuristics, time/frequency analysis, trending, protocol/application mismatching, etc. to identify anomalous activity that traditional IOC signatures would not identify.
• Responsible for building out a core knowledge base i.e., playbooks for each agency to be leveraged by AP and Hunt investigative operations.

Benefits

• Discretionary annual incentive program based on individual and organizational performance.
• Broad range of employee benefits.