Senior Cybersecurity Engineer

• Provide oversight and guidance on the MDA Cybersecurity Service Provider - Computer Emergency Response Team’s (MDA CSSP-CERT’s) Cyber Defense and Incident Response program and serve as the primary POC for Jr and Mid Cyber Defense Analyst.
• Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM).
• Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture.
• Perform preliminary analysis, identification, and response actions to detect, characterize, and respond to cyber incidents IAW CJCSM 6510.01B.
• Lead event/incident investigations from start to conclusion, to include gathering data, analysis, and reporting.
• Properly document all steps in the incident response process while taking care to preserve and protect incident artifacts, evidence, and chain of custody.
• Analyze correlated assets, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture.
• Support a Cyber Defense Analyst and Cyber Defense Incident Responder training plan by instructing, evaluating, and mentoring Junior Cyber Defense Analyst and Cyber Defense Incident Responders.
• Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation.
• Leverage actionable Cyber Threat Intelligence data to search for indicators of compromise and develop SIEM content/ signatures to detect known attack patterns and make recommendations for improvements.
• Coordinate with CSSP-CERT subscribers to develop current configurations, rules, and signatures for cyber security related toolsets.
• Coordinate with CSSP-CERT subscribers to notify, investigate, and remediate discrepancies in security logging and CSSP-CERT alignment.
• Provide standardized and targeted training in support of CSSP-CERT subscriber cyber defense and incident response programs.
• Review data of ongoing intrusions or cybersecurity incidents and report, analyze, and document/report the findings in accordance with CJCSM 6510.01B guidelines.
• Provide support to internal and external Insider threat and law enforcement / counterintelligence (LE/CI) agencies during cyber incidents / investigations.
• Position may require up to 25% travel in support of MDA remote site integration activities
• Other duties as assigned

Requirements

Education/Training: 

• Master’s Degree in Cybersecurity, Computer Science or related field required
• Must be able to obtain a DoD 8570.01-M IAT Level III certification with Continuing Education (CE) - (CASP+, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP) within six months of hire
• DoD 8570.01-M CSSP Analyst and CSSP Incident Responder certifications (CEH or CySA+ cover both) required

Experience:

• Must have 6 years of combined experience performing the full life cycle of incident response and enterprise-level monitoring and analysis of events
• Must have 2 years’ experience in management or leadership in a team environment
• Be able to mentor and train personnel in an evolving, high-paced environment
• Be familiar with DoD Security Operations Centers (SOC) · Be familiar with DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures

Preferred Experience:

• Have experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)
• Have experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Forward Proxy, Spam Firewall, etc.
• Have experience analyzing security compliance scans performed across a WAN (ACAS/Nessus preferred)
• Have experience analyzing network and host-based threats (ESS preferred)

Security:

• Must be a US citizen

• Candidate must be in possession of a minimum DoD issued Secret Clearance
• Preference will be given to candidates with an active DoD issued Clearance at level Top Secret

Physical Requirements:

• Able to occasionally reach with hands and arms
• Prolonged periods of computer screen use, while sitting or standing at a desk
• Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.)
• Able to safely lift and carry up to 20 pounds at a time

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Short Term & Long Term Disability
• Training & Development
• Wellness Resources