Senior Cybersecurity Engineer
- KIHOMAC (Colorado Springs, CO)
+ Provide oversight and guidance on the MDA Cybersecurity Service Provider - Computer Emergency Response Team’s (MDA CSSP-CERT’s) Cyber Defense and Incident Response program and serve as the primary POC for Jr and Mid Cyber Defense Analysts
+ Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM)
+ Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture
+ Perform preliminary analysis, identification, and response actions to detect, characterize, and respond to cyber incidents IAW CJCSM 6510.01B
+ Lead event/incident investigations from start to conclusion, to include gathering data, analysis, and reporting
+ Properly document all steps in the incident response process while taking care to preserve and protect incident artifacts, evidence, and chain of custody
+ Analyze correlated assets, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture
+ Support a Cyber Defense Analyst and Cyber Defense Incident Responder training plan by instructing, evaluating, and mentoring Junior Cyber Defense Analysts and Cyber Defense Incident Responders
+ Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation
+ Leverage actionable Cyber Threat Intelligence data to search for indicators of compromise and develop SIEM content/signatures to detect known attack patterns and make recommendations for improvements
+ Coordinate with CSSP-CERT subscribers to develop current configurations, rules, and signatures for cyber security related toolsets
+ Coordinate with CSSP-CERT subscribers to notify, investigate, and remediate discrepancies in security logging and CSSP-CERT alignment
+ Provide standardized and targeted training in support of CSSP-CERT subscriber cyber defense and incident response programs
+ Review data of ongoing intrusions or cybersecurity incidents and analyze, document, and report the findings in accordance with CJCSM 6510.01B guidelines
+ Provide support to internal and external insider threat and law enforcement / counterintelligence (LE/CI) agencies during cyber incidents / investigations
+ Position may require up to 25% travel in support of MDA remote site integration activities
+ Other duties as assigned
Requirements
Education/Training:
+ Master’s Degree in Cybersecurity, Computer Science or related field required
+ Must be able to obtain a DoD 8570.01-M IAT Level III certification with Continuing Education (CE) - (CASP+, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP) within six months of hire
+ DoD 8570.01-M CSSP Analyst and CSSP Incident Responder certifications (CEH or CySA+ cover both) required
Experience:
+ Must have 6 years of combined experience performing the full life cycle of incident response and enterprise-level monitoring and analysis of events
+ Must have 2 years’ experience in management or leadership in a team environment
+ Be able to mentor and train personnel in an evolving, high-paced environment
+ Be familiar with DoD Security Operations Centers (SOC)
+ Be familiar with DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures
Preferred Experience:
+ Have experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)
+ Have experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Forward Proxy, Spam Firewall, etc.
+ Have experience analyzing security compliance scans performed across a WAN (ACAS/Nessus preferred)
+ Have experience analyzing network and host-based threats (ESS preferred)
Security:
+ Must be a US citizen
+ Candidate must be in possession of a minimum DoD-issued Secret Clearance
+ Preference will be given to candidates with an active DoD-issued Clearance at the Top Secret level
Physical Requirements:
+ Able to occasionally reach with hands and arms
+ Prolonged periods of computer screen use, while sitting or standing at a desk
+ Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.)
+ Able to safely lift and carry up to 20 pounds at a time
Benefits
+ Health Care Plan (Medical, Dental & Vision)
+ Retirement Plan (401k, IRA)
+ Life Insurance (Basic, Voluntary & AD&D)
+ Paid Time Off (Vacation, Sick & Public Holidays)
+ Short Term & Long Term Disability
+ Training & Development
+ Wellness Resources
Salary: $135,000 - $160,000
Salary rates for this position are competitive and commensurate with experience and industry standards. We offer a comprehensive benefits package that may include health insurance, paid time off, and retirement savings options.