Junior Incident Responder (Secret Clearance)

DirectViz Solutions, LLC, Herndon, VA (Onsite)

About The Position

DirectViz Solutions (DVS) is a dynamic and rapidly growing government contractor committed to delivering innovative IT solutions that address the mission-critical needs of our government clients. Through the expertise and dedication of our talented team, we provide cutting-edge technology services designed to achieve success and exceed expectations. At DVS, we prioritize our employees as our greatest asset. We offer competitive compensation, comprehensive medical benefits, a 401(k) match, generous PTO accrual, professional development reimbursement, corporate-funded technology certifications, and robust employee recognition and appreciation programs.

DVS is actively seeking a Junior Incident Responder to support our team onsite in Herndon, VA. This position requires an active Secret clearance.

Position Description and Key Responsibilities:

The Junior Incident Responder will execute the Incident Response Management Program in accordance with requirements and in alignment with the six-phase Incident Response process: planning, identification and declaration, containment, eradication, recovery, and follow-up. The Junior Incident Responder will perform incident response activities related to Internet of Things (IoT) and Operational Technology (OT) devices, including coordinating and managing end-to-end responses to security events and incidents identified by the SOC or reported to the SOC; performing initial malware analysis and triage support; operating incident analysis tools and systems; and adhering to reporting requirements for all declared significant incidents.

Requirements

  • Ability and prior experience analyzing information technology, IoT, and OT security events to discern legitimate security incidents from non-incidents. This includes identifying malicious code and activities present within computer systems and/or enterprise networks.
  • Working knowledge of various operating systems (e.g., Windows, OS X, Linux) commonly deployed in enterprise networks. A conceptual understanding of Windows Active Directory is also required.
  • Working knowledge of network communications and routing protocols (e.g., TCP, UDP, Internet Control Message Protocol (ICMP), Border Gateway Protocol (BGP), Multi-Protocol Label Switching (MPLS)), as well as common internet applications and standards (e.g., Simple Mail Transfer Protocol (SMTP), DNS, DHCP, SQL, Hypertext Transfer Protocol (HTTP), Hypertext Transfer Protocol Secure (HTTPS)).
  • Experience working with various event logging systems and proficiency in security event log analysis. Previous experience with SIEM platforms that perform log collection, analysis, correlation, and alerting is also required.
  • Proficiency in utilizing various Packet Capture (PCAP) applications/engines and in the analysis of PCAP data.
  • Experience with the identification and implementation of countermeasures or mitigating controls for deployment in enterprise network environments.
  • Experience or familiarity with IoT/OT systems and data.
  • Excellent verbal and written communication skills, with the ability to produce clear and thorough security incident reports and briefings.
  • Excellent organizational skills and strong attention to detail.
  • Maintain focus and awareness throughout scheduled working hours.
  • Perform tasks requiring prolonged periods of sitting or standing at a desk, utilizing a computer, mouse, and keyboard.
  • Lift and move objects weighing up to 15 pounds as needed.
  • Exhibit excellent verbal and written communication skills, with a strong command of the English language.
  • Demonstrate the ability to work independently while also collaborating effectively as part of a team.
  • Quickly learn and retain routine tasks and processes.
  • Possess strong organizational skills, attention to detail, business correspondence proficiency, and self-management capabilities.
  • Perform the essential functions of the role satisfactorily; reasonable accommodation will be provided for employees with disabilities upon request.
  • Accept and adapt to additional responsibilities or changes to assigned duties as determined by DirectViz Solutions (DVS).
  • Active Secret clearance.

Responsibilities

  • Execute the Incident Response Management Program in accordance with requirements and in alignment with the six-phase Incident Response process: planning, identification and declaration, containment, eradication, recovery, and follow-up.
  • Perform incident response activities related to Internet of Things (IoT) and Operational Technology (OT) devices.
  • Coordinate and manage end-to-end responses to security events and incidents identified by the SOC or reported to the SOC.
  • Perform initial malware analysis and triage support.
  • Operate incident analysis tools and systems.
  • Adhere to reporting requirements for all declared significant incidents.

Benefits

  • Competitive compensation
  • Comprehensive medical benefits
  • 401(k) match
  • Generous PTO accrual
  • Professional development reimbursement
  • Corporate-funded technology certifications
  • Robust employee recognition and appreciation programs