T2 Incident Responder - Shift Schedule (w/ active Secret)

Ashburn, VA 20147, USA

Critical Solutions

Critical Solutions specializes in providing expert cyber security services in the areas of automation, integration and research development.

View all jobs at Critical Solutions

Apply now Apply later

T2 Incident Responder - (w/ active Secret)

Location: Ashburn, Virginia

Clearance: Secret

Full-time/ No Remote

Shift Schedule: 7am - 7pm ET, SUN - TUE, every other WED


JOB DESCRIPTION

Critical Solutions is seeking an experienced Incident Response Analyst to support a cyber security operations center (SOC) for a federal program in Ashburn, Virginia.

The IR will Utilize state of the art technologies such as host forensics tools(FTK/Encase), Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data.


PRIMARY ROLES AND RESPONSIBILITIES:

  • Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response.
  • Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response.
  • Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
  • Lead Incident Response activities and mentor junior SOC staff.
  • Work with key stakeholders to implement remediation plans in response to incidents.
  • Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership.
  • Flexible and adaptable self-starter with strong relationship-building skills
  • Strong problem-solving abilities with an analytic and qualitative eye for reasoning
  • Ability to independently prioritize and complete multiple tasks with little to no supervision

BASIC QUALIFICATIONS:

  • US Citizen and active DoD Secret Clearance. Ability to obtain and maintain TS/SCI
  • Bachelor's degree in Science or Engineering Field, IT, or Cybersecurity or related field
  • 3+ years of experience be in the areas of incident detection and response, remediation malware analysis, or computer forensics.
  • Prior relevant experience should be in the areas of incident detection and response, malware analysis, or computer forensics.
  • Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell

MUST HAVE ONE OF THE FOLLOWING CERTIFICATIONS:

  • CCFP - Certified Cyber Forensics Professional
  • CCNA Security
  • CCNP Security
  • CEH - Certified Ethical Hacker
  • CHFI - Computer Hacking Forensic Investigator
  • CISSP - Certified Information Systems Security
  • CIRC
  • ECES - EC-Council Certified Encryption Specialist
  • ECIH - EC-Council Certified Incident Handler
  • ECSA - EC-Council Certified Security Analyst
  • ECSS - EC-Council Certified Security Specialist
  • EnCE
  • ENSA - EC-Council Network Security Administrator
  • FIWE
  • GCFA - Forensic Analyst
  • GCFE - Forensic Examiner
  • GCIH - Incident Handler
  • GISF - Security Fundamentals
  • GNFA - Network Forensic Analyst
  • GREM - Reverse Engineering Malware
  • GWEB - Web Application Defender
  • GXPN - Exploit Researcher and Advanced Penetration Tester
  • LPT - Licensed Penetration Tester
  • OSCE (Certified Expert)
  • OSCP (Certified Professional)
  • OSEE (Exploitation Expert)
  • OSWP (Wireless Professional)
  • WFE-E-CI
  • FTK-WFE-FTK
  • CompTIA Cyber Security Analyst (CySA+)
  • CompTIA Linux Network Professional (CLNP)
  • CompTIA PenTest+
  • GCTI - Cyber Threat Intelligence
  • GOSI - Open Source Intelligence
  • CTIA - Certified Threat Intelligence Analyst
  • Splunk Core Certified Advanced Power User
  • Splunk Core Certified Consultant
  • Splunk SOAR Certified Automation Developer
  • IACRB Certified Security Awareness Practitioner (CSAP)

PREFERRED QUALIFICATIONS:

  • Experience in Federal Government, DOD or Law Enforcement in CND, IR or SOC role
  • Cyber Kill Chain Knowledge
  • One of the following certs: CCNA, CCNP, CCSP, CEH, CNDA, DCITA, ECES, ECSA, ECSP, ECSS, ENSA, GCIA, GCIH, GISF, GNFA, GPPA, GWEB, LPT, OSCP, OSEE, SEI, CCISO

SCHEDULE:

  • 7am - 7pm ET, Sunday - Tuesday, and every other Wednesday

LOCATION:

  • In Office - Ashburn, VA
  • Must be willing and able to commute to Ashburn, VA

Clearance Requirement: Must be a US Citizen and possess an active DoD Secret Clearance. In addition, selected candidate must undergo background investigation (BI) and finger printing by the federal agency and successfully pass the preceding to qualify for the position. US CITIZENSHIP IS REQUIRED.


CRITICAL SOLUTIONS PAY AND BENEFITS:

Salary range $80,000 - $103,000. The salary range for this position represent the typical salary range for this job level and this does not guarantee a specific salary. Compensation is based upon multiple factors such as responsibilities of the job, education, experience, knowledge, skills, certifications, and other requirements.

BENEFIT SNAPSHOT: 100% premium coverage for Medical, Dental, Vision, and Life Insurance, Supplemental Insurance, 401K matching, Flexible Time Off (PTO/Holidays), Higher Education/Training Reimbursement, and more

Apply now Apply later
Job stats:  0  0  0

Tags: APT Automation Bash Business Intelligence CCNP CCSP CEH CHFI CISSP Clearance CND CompTIA Cyber Kill Chain DoD ECSA EnCase EnCE Encryption Exploit Forensics GCFA GCFE GCIA GCIH GCTI GNFA GREM GXPN Incident response Linux Log analysis Malware Monitoring Network security Open Source OSCE OSCP OSEE OSWP PowerShell Python Reverse engineering SOAR SOC Splunk Threat intelligence TS/SCI

Perks/benefits: Flex hours Flex vacation Health care

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.