Cyber Incident Responder

Oak Ridge, TN, US

Powder River Industries

HUBzone, WOSB, SDVOSB, VOSB, data science, devsecops, cyber, oracle, tanium, program management, information technology, engineering services, architecture and engineering, Powder River Industries

View all jobs at Powder River Industries

Apply now Apply later

Description

Powder River Industries, LLC provides technical services across the entire system development life cycle (SDLC). As a prime we are responsible for complete end-to-end system management for a customer’s top secret enterprise mission systems. This includes data center, logistics support, configuration management, COOP, and disaster recovery. As a subcontractor we are providing services in DevSecOps, software development, network administration, systems analysis, database administration, storage engineering, hardware engineering, Tier 1 – Tier 3 support in traditional data center environments (bare metal frames), high performance computing (HPC) centers, cloud, and hybrid cloud. The cloud environments we are operating in today are AWS, Microsoft Azure, and Oracle. 

Requirements

  • Investigates, analyzes, and responds to cyber incidents within the network environment or enclave. 
  • Coordinate and provide senior level technical support to enterprise-wide cyber defense analysts to resolve cyber defense Incidents 
  • Determine the scope, urgency and impact of cyber defense incidents 
  • Coordinate incident response functions and recommend incident remediation strategies 
  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation 
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security 
  • Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation 
  • Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs) 
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts 
  • Track and document cyber defense incidents from initial detection through final resolution 
  • Coordinate with intelligence analysts to correlate threat assessment data 
  • Perform cyber defense trend analysis and reporting 
  • Notify designated managers, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan 

Non Negotiable Requirements:  

1. Q or Top Secret with investigation current within the last 5 years  

2. On-site, no remote  

3. Travel Required. One week, once per quarter.


Technical Environment: Microsoft, Linux, Splunk, Ansible, Tenable, GEMS 


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.   

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0

Tags: Ansible AWS Azure Cloud Compliance Cyber defense DevSecOps Firewalls IDS Incident response Intrusion detection Linux Log files Network security Oracle SDLC Splunk Top Secret Vulnerabilities

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.