T2 Incident Responder - Shift Schedule (w/ active Secret)
Ashburn, VA 20147, USA
Full Time Mid-level / Intermediate Clearance required USD 80K - 103K
Critical Solutions
Critical Solutions specializes in providing expert cyber security services in the areas of automation, integration and research development.T2 Incident Responder - (w/ active Secret)
Location: Ashburn, Virginia
Clearance: Secret
Full-time/ No Remote
Shift Schedule: 7am - 7pm ET, SUN - TUE, every other WED
JOB DESCRIPTION
Critical Solutions is seeking an experienced Incident Response Analyst to support a cyber security operations center (SOC) for a federal program in Ashburn, Virginia.
The IR will Utilize state of the art technologies such as host forensics tools(FTK/Encase), Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data.
PRIMARY ROLES AND RESPONSIBILITIES:
- Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response.
- Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response.
- Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
- Lead Incident Response activities and mentor junior SOC staff.
- Work with key stakeholders to implement remediation plans in response to incidents.
- Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership.
- Flexible and adaptable self-starter with strong relationship-building skills
- Strong problem-solving abilities with an analytic and qualitative eye for reasoning
- Ability to independently prioritize and complete multiple tasks with little to no supervision
BASIC QUALIFICATIONS:
- US Citizen and active DoD Secret Clearance. Ability to obtain and maintain TS/SCI
- Bachelor's degree in Science or Engineering Field, IT, or Cybersecurity or related field
- 3+ years of experience be in the areas of incident detection and response, remediation malware analysis, or computer forensics.
- Prior relevant experience should be in the areas of incident detection and response, malware analysis, or computer forensics.
- Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell
MUST HAVE ONE OF THE FOLLOWING CERTIFICATIONS:
- CCFP - Certified Cyber Forensics Professional
- CCNA Security
- CCNP Security
- CEH - Certified Ethical Hacker
- CHFI - Computer Hacking Forensic Investigator
- CISSP - Certified Information Systems Security
- CIRC
- ECES - EC-Council Certified Encryption Specialist
- ECIH - EC-Council Certified Incident Handler
- ECSA - EC-Council Certified Security Analyst
- ECSS - EC-Council Certified Security Specialist
- EnCE
- ENSA - EC-Council Network Security Administrator
- FIWE
- GCFA - Forensic Analyst
- GCFE - Forensic Examiner
- GCIH - Incident Handler
- GISF - Security Fundamentals
- GNFA - Network Forensic Analyst
- GREM - Reverse Engineering Malware
- GWEB - Web Application Defender
- GXPN - Exploit Researcher and Advanced Penetration Tester
- LPT - Licensed Penetration Tester
- OSCE (Certified Expert)
- OSCP (Certified Professional)
- OSEE (Exploitation Expert)
- OSWP (Wireless Professional)
- WFE-E-CI
- FTK-WFE-FTK
- CompTIA Cyber Security Analyst (CySA+)
- CompTIA Linux Network Professional (CLNP)
- CompTIA PenTest+
- GCTI - Cyber Threat Intelligence
- GOSI - Open Source Intelligence
- CTIA - Certified Threat Intelligence Analyst
- Splunk Core Certified Advanced Power User
- Splunk Core Certified Consultant
- Splunk SOAR Certified Automation Developer
- IACRB Certified Security Awareness Practitioner (CSAP)
PREFERRED QUALIFICATIONS:
- Experience in Federal Government, DOD or Law Enforcement in CND, IR or SOC role
- Cyber Kill Chain Knowledge
- One of the following certs: CCNA, CCNP, CCSP, CEH, CNDA, DCITA, ECES, ECSA, ECSP, ECSS, ENSA, GCIA, GCIH, GISF, GNFA, GPPA, GWEB, LPT, OSCP, OSEE, SEI, CCISO
SCHEDULE:
- 7am - 7pm ET, Sunday - Tuesday, and every other Wednesday
LOCATION:
- In Office - Ashburn, VA
- Must be willing and able to commute to Ashburn, VA
Clearance Requirement: Must be a US Citizen and possess an active DoD Secret Clearance. In addition, selected candidate must undergo background investigation (BI) and finger printing by the federal agency and successfully pass the preceding to qualify for the position. US CITIZENSHIP IS REQUIRED.
CRITICAL SOLUTIONS PAY AND BENEFITS:
Salary range $80,000 - $103,000. The salary range for this position represent the typical salary range for this job level and this does not guarantee a specific salary. Compensation is based upon multiple factors such as responsibilities of the job, education, experience, knowledge, skills, certifications, and other requirements.
BENEFIT SNAPSHOT: 100% premium coverage for Medical, Dental, Vision, and Life Insurance, Supplemental Insurance, 401K matching, Flexible Time Off (PTO/Holidays), Higher Education/Training Reimbursement, and more
Tags: APT Automation Bash Business Intelligence CCNP CCSP CEH CHFI CISSP Clearance CND CompTIA Cyber Kill Chain DoD ECSA EnCase EnCE Encryption Exploit Forensics GCFA GCFE GCIA GCIH GCTI GNFA GREM GXPN Incident response Linux Log analysis Malware Monitoring Network security Open Source OSCE OSCP OSEE OSWP PowerShell Python Reverse engineering SOAR SOC Splunk Threat intelligence TS/SCI
Perks/benefits: Flex hours Flex vacation Health care
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.