CLOSED - 2874 - Incident Handler

McLean, Virginia
Full Scope Polygraph

OVERVIEW:

We are seeking a motivated, mission-oriented Senior Incident Handler to support a Cyber Security contract.

GENERAL DUTIES:

  • Performs actions in response to identified cyber intrusions
  • Determines the appropriate course of action in response to identified cyber security attacks or anomalous network activity
  • Performs advanced analysis, including forensic seizure of hardware, malware triage and dynamic analysis, and determination of the scope of compromise during a cyber attack
  • Communicates with stakeholders and leaders to ensure cyber incidents are managed appropriately
  • Acts as incident commander during small-scale cyber attacks and as cyber response subject matter expert during large-scale attacks
  • Recommends enterprise countermeasures based on threat trends
  • Prepares detailed recommendations for network defense improvements to close or mitigate cyber incidents

REQUIRED QUALIFICATIONS:

  • Requires a BS (bachelor's degree in electrical engineering, computer engineering, computer science, or another closely related IT discipline) with a minimum of 5 years of related experience, or 4 additional years of experience in lieu of the degree.
  • Demonstrated experience in cyber incident response/detection, or expert-level network engineering, system administration, or software development
  • Minimum of 6 years of experience in Cyber Security, InfoSec, Security Engineering, or Network Engineering with emphasis on cyber security issues and operations, computer incident response, systems architecture, and data management.
  • Familiarity with the following classes of enterprise cyber defense technologies:
      • Network and host malware detection and prevention
      • Network and host forensic tools
      • Endpoint Detection and Response (EDR)
      • Network Detection and Response (NDR)
      • Sysmon, audit, and Windows Security Event Log analysis
      • Web/email gateway security technologies
      • NetFlow and full packet capture solutions
      • Security Information and Event Management (SIEM) systems
      • Network Intrusion Detection System/Intrusion Prevention System (IDS/IPS)
      • Host Intrusion Detection System/Intrusion Prevention System (IDS/IPS)
      • AWS, Azure, and GCP incident response
  • Experience with Splunk, Windows PowerShell, or similar technologies

CLEARANCE:

  • Full Scope Polygraph minimum