Junior Cyber Defense Analyst / Incident Responder

About The Position

Requirements

• Must have 3, or more, years of general (full-time) work experience
• Must have 2 years of directly related experience in information security, physical security, cybersecurity, or a combination thereof
• Must have a current DoD 8570.01-M IAT Level II certification with CE (CySA+, GICSP, GSEC, Security+ CE, SSCP)
• Must have, or obtain within 6 months of start date, a DoD 8570.01-M CSSP Analyst and Incident Responder certification (CEH or CySA+ satisfy this requirement)
• Must have an active DoD Secret Security Clearance

Nice To Haves

• Have an Associate’s degree (or higher) in Cybersecurity, Computer Science, or a related field
• Have experience with security analysis in WAN/LAN environments, including routers, switches, network devices, and operating systems (Windows/Linux)
• Have experience with SOC/DCO tools such as firewalls, IDS/IPS, network security managers, forward proxies, or spam firewalls
• Have experience analyzing security compliance scans across a WAN (ACAS/Nessus preferred)
• Have experience analyzing network and host-based threats (ESS preferred)
• Be able to obtain a DoD Top Secret clearance
• Be familiar with DoD Security Operations Centers (SOC)
• Be familiar with DCO / CSSP guiding security policies and procedures
• Have an active DoD Top Secret clearance

Responsibilities

• Perform Defensive Cyber Operations (DCO) / Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM)
• Perform proactive and reactive cybersecurity duties on customer networks to improve enterprise-wide security posture
• Conduct preliminary analysis, identification, and response actions to detect, characterize, and respond to cyber incidents in accordance with CJCSM 6510.01B
• Perform cyber event and incident investigations from start to conclusion, including data gathering, analysis, and reporting
• Properly document all steps in the incident response lifecycle while preserving artifacts, evidence, and chain of custody
• Analyze correlated asset, threat, and vulnerability data against known adversary exploits and techniques to assess impact
• Leverage Cyber Threat Intelligence to search for indicators of compromise and recommend defensive improvements
• Review ongoing intrusion and cybersecurity incident data and report findings in accordance with CJCSM 6510.01B guidelines
• Support development, review, and maintenance of DCO procedures, processes, manuals, and documentation
• Provide support to internal and external Insider Threat and Law Enforcement / Counterintelligence (LE/CI) agencies during cyber incidents and investigations

Benefits

• Medical, Dental, and Vision coverage
• 401(k) with company match
• Paid Time Off (PTO)
• Mission-driven work with opportunities to grow