Computer Network Defense-Incident Response-TS/SCI

Location
Colorado Springs, USA, Colorado
Posted
Jul 27, 2017
Closes
Aug 31, 2017
Ref
2017-24709
Contact
General Dynamics
Function
IT
Hours
Full Time

Job Description

Mission Statement: Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities.

Develop the standing up of the incident response division. Assist the Detection team with incident detection triage, take over incidents from the Detect team, and complete all actions.

Work with Program Office Divisions (and other units as needed) to remediate incidents, acquire the 5 Ws, and ensure the incident has been rectified and documented appropriately.

Work with the Information Assurance Team, Security Manager, and Government ISSM to ensure any data spills are handled appropriately.

Manage the data spill process, working with external agencies as required to ensure cleanup and mitigation are accomplished within the required times set out by the government.

Produce daily status updates on all open incidents.

Produce AAR for all closed incidents.

Remotely access machines to remove unauthorized software, malware eradication…

Coordinate with and provide expert technical support to enterprise-wide computer network defense (CND) technicians to resolve CND incidents

Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation

Monitor external data sources (e.g., computer network defense [CND] vendor sites, Computer Emergency Response Teams, SANS, Security Focus) to maintain currency of CND threat condition and determine which security issues may have an impact on the enterprise

Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and Intrusion Detection System [IDS] logs) to identify possible threats to network security

Perform command and control functions in response to incidents

Perform computer network defense (CND) incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation

Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems

Perform real-time computer network defense (CND) incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)

Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts

Track and document computer network defense (CND) incidents from initial detection through final resolution

Write and publish computer network defense (CND) guidance and reports on incident findings to appropriate constituencies

Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness)

Collect intrusion artifacts (e.g., source code, malware, and trojans) and use discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise

Serve as technical expert and liaison to law enforcement personnel and explain incident details as required

Education

Bachelor's degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience.

Qualifications

8-10 years of related systems engineering experience.

Designs and defines system architecture for new or existing computer systems.


  • A) Performs complex systems development and design work that may include logic design, I/O design, firmware development, model formulation, manufacturing and development cost projections, computer architecture analysis and design, and analog or digital systems engineering.
  • B) Performs systems modeling, simulation, and analysis.
  • C) Reviews completion and implementation of system additions and/or enhancements and makes recommendations to management and/or clients.
  • D) Plans and directs upgrades of operating systems and designs systems enhancements.
  • E) Develops documentation on new or existing systems.
  • F) Develops and directs tests to ensure systems meet documented user requirements.
  • G) Identifies, analyzes, and resolves system problems.
  • H) Provides system/equipment/specialized training and technical guidance.
  • I) Determines system specifications, input/output processes, and working parameters for hardware/software compatibility.
  • J) Provides guidance and work leadership to less-experienced systems engineers and may have supervisory responsibilities.
  • K) Serves as liaison with clients, participating in meetings to ensure client needs are met.
  • L) Maintains current knowledge of relevant technology as assigned.
  • M) Participates in special projects as required.
  • Advanced knowledge of systems engineering principles, methods, and techniques.
  • Knowledge of the associated hardware, software, and equipment.
  • Professional certification in one or more specific technologies may be required, depending on job assignment.

    • Must be capable of obtaining and maintaining a Top Secret/SCI (or applicable clearance level) Security Clearance.
    • Must be DOD 8570 CND-IS within 90 days of hire
    • Must be able to achieve Security+ CE Certification (or equivalent) within 90 days of hire for positions requiring elevated privileges and ITIL V3 Foundation within six months of hire.
    • Additional specific certifications may be required, depending on job assignment.
    • The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment.
    • This position may be required to complete short-term deployments to worldwide locations (or specific AOR).
    • The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job.
    • Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job.

    As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.