Cyber Security Incident Response Analyst

Employer
AboutWeb
Location
Bethesda, VA
Posted
Jun 12, 2017
Closes
Aug 25, 2017
Industry
Security
Hours
Full Time
Cyber Security Incident Response Analyst

AboutWeb is currently looking for a Cyber Security Incident Response Analyst to join a cyber security operations team on a contract with a federal government client with an important mission. This role will afford an opportunity to work with a great team while serving a fulfilling mission.

Responsibilities:
  • Monitor, triage, and prioritize events, alerts and tips for further investigation
  • Investigate events, alerts and tips to determine if an incident has occurred
  • Investigate network traffic for potential security incidents using
    • Sensor data
    • Packet captures (occasional)
  • Coordinate the response for confirmed security incidents, to include efforts to contain, remediate, recover, and prevent
  • Escalate to Enterprise Network Defense Analysts for more complex, deep, or lengthy investigations.
  • Maintain situational awareness and keep current with cyber security news and threat actor Tactics, Techniques, and Procedures (TTPs)
  • Document investigations using tickets, incident reports, etc.
  • Support the production of effective situational awareness products with relevant metrics and visualizations for key constituents and leadership
Qualifications / Requirements:
  • Credentials
    • Three or more years of work experience with at least one of those specialized in cyber security
    • BA or BS degree (additional years of experience in cyber security reduce this educational requirement)
  • Sound cyber security knowledge foundation, to include understanding of
    • Computer and network technology fundamentals
    • Network security
    • Host security
    • Security tools and technologies
  • Experience, Skills and Abilities
    • High technical ability/aptitude, demonstrated through prior technical experience and accomplishment
    • Critical thinking skills
    • Analytic skills and experience
    • Strong teamwork and collaboration skills
    • Good written and verbal communication skills
    • Ability to pass a security clearance background investigation
    • Ability to work independently
    • Ability to work on occasional weekends and holidays

Preferred Qualifications:
  • One or more certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, etc)
  • Experience in a cyber security operational environment
  • Security clearance
  • Knowledge and experience using an incident response framework
  • Experience with SIEM tools
  • Programming or scripting experience
  • Server and/or application administration experience