Cyber Analyst Incident Response

Title:

KBR’s Mission Engineering Division delivers complex technical solutions and expert support to the U.S. Department of Defense, specializing in modeling and simulation, cyber transformation, air vehicle mission integration, and lifecycle support. As a trusted partner with a proven history in mission technology, KBR collaborates closely with clients to develop innovative and effective solutions. With a strong ethical framework, KBR prioritizes data security, privacy, and responsible information management to ensure mission success.

Job Summary:

KBR's Cyber Transformation Operating Unit is seeking a Cyber Analyst/Engineer with incident response experience to coordinate and execute cybersecurity activities at the DoD Component scale for the Defense Health Agency (DHA) to protect information systems against unauthorized activity, vulnerabilities, or threats.

This position will be onboarded as a 3rd shift in Charleston, SC. This position is a hybrid position that requires working in office as well as from home.

Roles and Responsibilities:

• This individual’s primary responsibility will be to monitor and track cybersecurity incidents and electronic data spillage events affecting all DHA mission relevant cyber terrain to ensure that response activities are expeditiously and efficiently coordinated between the Cybersecurity Service Provider (CSSP), DHA departments, DHA sites and facilities, and external entities as required.

• Provide status reports to DHA Leadership throughout the lifecycle of an event, from detection to closure, and track and provide historical metrics upon request.

• Ability to read, interpret, and implement technical policies and procedures related to information systems and information systems security

• Proficiency with written and oral communication on technical subjects

• Proficiency with general office applications and collaboration tools

• Ability to manage multiple projects simultaneously

• Strong verbal and written communications and interpersonal skills

• A self-starter, needs little direction, ability to work in a dynamic project environment

Basic Qualifications:

• A Bachelor's degree and 7 years of technical experience, or 12 years of technical experience in lieu of degree.

• Active Secret Clearance.

• Minimum of an IAT Level II certification required.

• Experience with the design, installation, and sustainment of information system hardware and software

• Knowledge of cloud service models and how those models can limit incident response

• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks)

• Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state-sponsored, and nation sponsored)

• Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)

• Knowledge of DoD cybersecurity policies, procedures, and regulations

• Knowledge of incident response and handling methodologies

• Knowledge of network security architecture concepts including topology, protocols, components, and principles

Preferred Qualifications:

• IAT/IAM Level III certification is preferred.

Travel:

• Travel required up to 25%, sometimes with little notice.

Employment Type:

• Full-time, core hours, 40 hours per week, Monday-Friday

Belong, Connect and Grow at KBR

At KBR, we are passionate about our people and our Zero Harm culture.  These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company.  That commitment is central to our team of team’s philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together. 

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.