Incident Response and Intrusion Analyst

Job Attributes

Job Id:

27991

Job Category:

Cyber Security & Information Assurance

Job Location:

Alexandria, VA  22311

Security Clearance:

Secret

Business Unit:

Zachary Piper Solutions

JOB DESCRIPTION

Incident Response Forensic and Intrusion Analyst

Job Description:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.  The key responsibilities listed below are representative of the knowledge, skill, and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Primary focus will be on the containment, restoration, investigation, and reporting of activities related to computer security incidents.

Key Responsibilities:

  • Support all aspects of Computer Security Incident Response activities for a large enterprise
  • Conduct analysis of cyber incidents and remediate or recommend remediation as appropriate in accordance with established incident response processes (detection, triage, incident analysis, remediation and reporting)
  • Conduct highly technical examinations, analysis and reporting of computer-based evidence related to security incidents (intrusion artifacts/IOCs) or investigations
  • Reconstruct events from network, endpoint, and log data
  • Support personnel to scope, contain, and eradicate cyber incidents
  • Support vulnerability and penetration testing
  • Ensure the secure handling of digital evidence and matter confidentiality
  • Identify recurring incidents within a customer’s environment and determine the need to escalate to the appropriate technical resources, ensuring resolution of more complex issues
  • Recognize potential successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
  • Assist with implementation of countermeasures or mitigating controls as needed
  • Request and analyze on-demand system audits or vulnerability assessments when necessary to determine compliance
  • Be responsible for quality control of incident reports
  • Close incidents and prepare incident reports of analysis methodology and results
  • Communicate effectively and articulate the identified issues and resolution steps to bring the customer’s incident to a resolved state
  • Engage customers in a professional manner, resolving requests and incidents with a high sense of urgency and ownership
  • Track, measure and evaluate Incident Response compliance across the enterprise

Candidate may also provide general technical cybersecurity support in the areas of vulnerability assessment, risk assessment, network security, and security implementation. Additional general duties include implementation and support for protecting the confidentiality, integrity and availability of sensitive information; providing input into the design of IS contingency plans; and conducting testing and audit log reviews to evaluate the effectiveness of current security measures.

Technologies Desired:

  • Experience applying troubleshooting techniques across various server, application, and network technologies including:
    • Operating systems – Windows, RHEL and relevant DoD STIGs
    • Networking knowledge – TCP/IP, inspection tools, and network devices
    • ArcSight, FireSIGHT
    • DoD tools – vulnerability scanners (ACAS/Nessus) and HBSS (McAfee ePO and point products)
    • Wireshark

 

Education

Bachelor’s degree and 2+ years of related cyber analysis and incident response experience, OR 6+ years of related experience and certifications may be considered in lieu of a degree.

 

Qualifications

Required Qualifications:

  • Must have Active DoD Secret clearance or higher, and an ability to obtain and maintain a Top Secret clearance
  • Security+CE and ONE of the following: CEH, CFR, CCNA Cyber Ops, CySA+, GCFA, GCIH, SCYBER (DoD 8570)
  • Knowledge of DoD security policies and practices
  • Excellent communication and analytical skills
  • Experience with incident response processes (detection, triage, incident analysis, remediation and reporting)
  • Willing to work overtime, holidays, and weekends as necessary

Desired Qualifications:

  • Experience in an enterprise environment (1500 servers plus 2500 workstations)
  • Knowledge of CJCSM 6510 policy and procedures
  • Experience with digital investigations, including incident handling and response, network and computer forensics, and malware and memory analysis
  • Experience with ServiceNow or similar service management/ticketing systems
  • Ability to prioritize workload and competing demands

 

Please email qualified resumes to jsimmons@zacharypiper.com.
