Incident Manager/Cyber Action Officer

Arlington, Virginia, United States

Node.Digital

Market leader in Digital Transformation & Automation using Artificial Intelligence and Machine Learning


Incident Manager/Cyber Action Officer

Location: Arlington, VA

Must have Top Secret Security Clearance

Node is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services.

Node is seeking a Cyber Action Officer to support this critical customer mission.

Responsibilities:

- Supporting the management of cyber incidents through the incident response lifecycle.

- Creating and maintaining routine reporting of cyber incidents in official systems of record, to include case management systems and ticketing.

- Coordinating with internal and external customers, partners, and stakeholders.

- Ingesting, validating, and evaluating information to determine optimal courses of action, to include providing response support to requesting entities.

- Updating and tracking cases and tickets with accuracy, timeliness, reliability, and consistency.

- Drafting summaries of ongoing operations and being able to provide oral presentations for various levels of leadership.

- Maintaining knowledge objects in a system of record consistently and professionally.

- Supporting teams that apply risk management and protocols to evaluate risks and prioritize responses based on national security strategies (NCISS).

- Supporting teams conducting threat and vulnerability management to recognize and categorize types of vulnerabilities, threat actors, and different operational threat environments, and associated attacks (MITRE ATT&CK framework).

- Supporting teams performing network security monitoring and/or security operations analysis, system administration, operating system hardening, cyber hygiene techniques, and cybersecurity defense policies, procedures, and regulations.

Requirements

Required Skills:

- U.S. Citizenship

- Must have an active TS/SCI clearance

- Must be able to obtain DHS Suitability

- 5+ years of directly relevant experience in cyber incident management or cybersecurity operations

- Knowledge of incident response and handling methodologies

- Close familiarity with NIST 800-62 (latest revision) and FISMA standards as they pertain to reporting incidents

- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incidents

- Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)

- Skill in recognizing and categorizing types of vulnerabilities and associated attacks

- Knowledge of different operational threat environments (e.g., first-generation [script kiddies], second-generation [non-nation-state sponsored], and third-generation [nation-state sponsored])

- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

- Excellent oral and written communication skills

Desired Skills:

- Familiarity with different operational threat environments (e.g., first-generation [script kiddies], second-generation [non-nation-state sponsored], and third-generation [nation-state sponsored])

- Familiarity with system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

- Familiarity with basic operating system hardening techniques, Computer Network Defense policies, procedures, and regulations

Required Education:

BS Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 7-9 incident management or cyber security experience

Desired Certifications:

Security+, GCIH

Company Overview:

Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.

Our Core Values help us in our mission. They include:

OUR CORE VALUES

Identifying the RIGHT PEOPLE and developing them to their full capabilities

Our customer’s “Mission” is our “Mission”. Our MISSION FIRST approach is designed to keep our customers fully engaged while becoming their trusted partner

We believe in SIMPLIFYING complex problems with a relentless focus on agile delivery excellence

Our mantra is “Simple*Secure*Speed” in the delivery of innovative services and solutions

Benefits

We are proud to offer competitive compensation and benefits packages to include:

  • Medical
  • Dental
  • Vision
  • Basic Life
  • Health Saving Account
  • 401K
  • Three weeks of PTO
  • 10 Paid Holidays
  • Pre-Approved Online Training

Tags: Agile Application security Automation Clearance FISMA GCIH Incident response MITRE ATT&CK Monitoring Network security NIST Risk management Scripting Security Clearance SQL Top Secret TS/SCI Vulnerabilities Vulnerability management XSS

Perks/benefits: Competitive pay Health care

Region: North America
Country: United States
