Junior Cyber Defense Analyst / Incident Responder - (IJCDAIR011326.1)

About The Position

Requirements

• Due to facility security requirements, only U.S. citizens are eligible for consideration at this time.
• Ability to complete a pre-employment background check and drug screening, which will include, but is not limited to, testing for marijuana use.
• This position requires access to federal facilities. Candidates must possess a valid, unexpired Real ID-compliant driver's license or state-issued identification card at the time of hire. If you are unsure whether your ID is Real ID-compliant, please check for the star symbol in the upper portion of your driver's license or state ID.
• Active Secret Clearance (or higher).
• Ability to obtain a Top Secret Clearance.
• 3 or more years of general, full-time work experience.
• 2 or more years of directly related experience in information security, physical security, and/or cybersecurity.
• Current DoD 8570.01-M IAT Level II Certification with Continuing Education (ex., Security + CE).
• Ability to obtain within a DoD 8570.01-M CSSP Analyst and Incident Responder Certification (ex., CEH, CySA+) within 6 months of start date.
• Experience with most MS Office applications (Word, Excel, PowerPoint, and Visio).
• Ability to multitask and prioritize various projects and assignments in a dynamic work environment in order to meet scheduled/unscheduled customer requests.
• Ability to work rotating shifts in a 24x7x365 operational environment and respond quickly to emergencies as needed.

Nice To Haves

• Active Top Secret Clearance.
• Experience with security analysis and solutions in WAN/LAN environments, including routers, switches, network devices, and operating systems such as Windows and Linux.
• Experience using SOC and DCO tools such as firewalls, IDS/IPS, network security managers, forward proxies, and spam firewalls.
• Experience reviewing and analyzing security compliance scans across enterprise networks, with ACAS or Nessus preferred.
• Experience analyzing network-based and host-based threats, with ESS preferred.
• Familiarity with Security Operations Center (SOC) environments within the DoD.
• Familiarity with DCO and CSSP security policies, procedures, and governing frameworks.
• Associate degree (or higher) in Cybersecurity, Computer Science, or a related field.

Responsibilities

• Perform Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) duties in accordance with Evaluator Scoring Metrics (ESM).
• Perform proactive and reactive cybersecurity operations on customer networks to strengthen enterprise-wide security posture.
• Conduct preliminary analysis, identification, and response actions to detect, characterize, and contain cyber incidents in accordance with CJCSM 6510.01B.
• Perform event and incident investigations from initial detection through final reporting, including data collection, analysis, and documentation.
• Document all incident response activities while preserving evidence, artifacts, and chain of custody.
• Analyze asset, threat, and vulnerability data against known adversary techniques to determine impact and improve defensive posture.
• Support the development, maintenance, and continuous improvement of DCO procedures, processes, and operational documentation.
• Use Cyber Threat Intelligence to identify indicators of compromise and recommend security enhancements.
• Monitor and assess active intrusions or incidents and report findings in accordance with CJCSM 6510.01B requirements.
• Provide support to insider threat, law enforcement, and counterintelligence teams during cyber investigations.

Benefits

• health, dental, and vision insurance
• 401(k) contributions
• educational reimbursement