Senior Cybersecurity Incident Response Administrator

Sev1 Tech•Ft. Bragg, NC

14d

About The Position

Position is contingent upon contract award and funding. Sev1Tech is looking for a Senior Cybersecurity Incident Response Administrator (Information Assurance Engineer - Senior) who will be responsible for managing Security Information and Event Management (SIEM) systems, including deploying, installing, managing infrastructure, and monitoring events in accordance with Army Business System Log Data Policy and other DoD/Army requirements. The responsibilities include but are not limited to: Creating SIEM dashboards to display clear and concise visualizations of security-related events, enabling the detection of anomalies and investigation of threats in near real-time Monitor SIEM dashboards to detect threats and anomalies, investigate events, and escalate as necessary Assessing and developing reporting requirements to support audits and security controls, providing Public Key Infrastructure (PKI) support, and monitoring DoD and Army web application security standards and best practices Review Army Cyber Tasking Orders (CTOs), coordinate with Army Cyber Security Service Providers, participate in SW Assurance reviews, and evaluate Information Systems Design Plans for compliance with relevant security regulations, policies, and best industry practices

Requirements

Active DoD Secret Security Clearance
Cybersecurity Certification (such as Certified Information Systems Security Professional (CISSP)/Information Systems Security Engineering Professional (ISSEP)/Security+/Certified Ethical Hacker (CEH/etc.)
Minimum 10 years’ experience with Cybersecurity and Incident Response or related areas
Extensive experience managing Security Information and Event Management (SIEM) systems, including getting relevant data into the SIEM
Proficiency in creating and managing SIEM dashboards for security event visualization
Strong ability to monitor and investigate security events and anomalies
Experience in developing reporting requirements for audits and security controls
Knowledge of Public Key Infrastructure (PKI) and managing SSL/TLS certificates
Familiarity with DoD and Army web application security standards and best practices
Ability to review and respond to Army Cyber Tasking Orders (CTOs)
Experience coordinating with Cyber Security Service Providers for audit logs and incident response
Participation in SW Assurance reviews for application audit log validation
Ability to review and evaluate Information Systems Design Plans and related documents for security compliance

Nice To Haves

Bachelor's degree in Computer Science or equivalent years of experience
Familiarity with Army enterprise monitoring tools and practices
Strong analytical and problem-solving skills
Excellent communication and coordination skills
Experience with incident response activities
Knowledge of engineering change proposals and configuration management
Understanding of Continuity of Operation Plans and Communication Plans
Experience with security regulations and best industry practices
Ability to work effectively in a team environment and collaborate with various stakeholders.

Responsibilities

Managing Security Information and Event Management (SIEM) systems, including deploying, installing, managing infrastructure, and monitoring events
Creating SIEM dashboards to display clear and concise visualizations of security-related events
Monitoring SIEM dashboards to detect threats and anomalies, investigate events, and escalate as necessary
Assessing and developing reporting requirements to support audits and security controls
Providing Public Key Infrastructure (PKI) support
Monitoring DoD and Army web application security standards and best practices
Reviewing Army Cyber Tasking Orders (CTOs)
Coordinating with Army Cyber Security Service Providers
Participating in SW Assurance reviews
Evaluating Information Systems Design Plans for compliance with relevant security regulations, policies, and best industry practices