Senior Incident Response Coordinator

About The Position

Requirements

• Experience responding to and coordinating responses to significant cyber incidents
• Experience working with Intelligence Community and/or Department of Defense cyber operations
• Experience developing incident response playbooks and procedures
• Experience with advanced persistent threat (APT) actor analysis and tracking
• Deep understanding of cyber incident response methodologies and frameworks
• Knowledge of Presidential Policy Directive 41 (U.S. Cyber Incident Coordination)
• Knowledge of National Cyber Incident Response Plan
• Understanding of critical infrastructure protection per Presidential Policy Directive 21
• Ability to work effectively with Intelligence Community and U.S. Cyber Command
• Strong understanding of APT actor tactics, techniques, and procedures
• Excellent crisis communication and stakeholder coordination skills
• Experience with secure communication platforms and classified information handling
• US Citizenship and the ability to obtain and maintain an active TS/SCI or higher clearance, per contract requirements.

Nice To Haves

• Bachelor's degree in Cybersecurity, Computer Science, Information Security, or related field
• GIAC Certified Incident Handler (GCIH)
• GIAC Cyber Threat Intelligence (GCTI)
• Certified Information Systems Security Professional (CISSP)
• SANS FOR508, FOR578, or equivalent advanced incident response training

Responsibilities

• Lead efforts to help the broader cybersecurity community prepare for, respond to, and recover from cyber incidents, vulnerabilities, and threats
• Coordinate response activities with federal agencies, private sector partners, and state/local governments
• Ensure response activities are aligned with national policies
• Work closely with the incident response team to mobilize resources quickly to mitigate impact of cyber incidents
• Fully leverage intelligence capabilities during incident response
• Develop and refine cyber defensive playbooks providing step-by-step guidance for responding to different types of cyber incidents, vulnerabilities, and threats
• Tailor playbooks to specific threat types including ransomware attacks and malicious cyber activity conducted by nation-state actors
• Incorporate lessons learned from previous incidents into playbook updates
• Coordinate tabletop exercises and simulations to test effectiveness of incident response strategies
• Serve as trusted and knowledgeable point of contact with Intelligence Community and United States Cyber Command
• Interface with key stakeholders to counter malicious cyber activities conducted by priority APT actors against U.S. critical infrastructure
• Manage communications during cyber incidents ensuring stakeholders are kept informed
• Draft situation reports for distribution to relevant stakeholders
• Compile after-action reports documenting key observations, lessons learned, and recommendations
• Help refine processes and policies for responding to incidents
• Aggregate operational inputs and help align resulting actions to unify efforts with broader Cybersecurity Division operations

Benefits

• Zantech offers competitive compensation, strong benefits, and a vacation package, as well as a fast-paced and exciting work environment.