Incident Response Engineer, Senior

Herndon, VA
Jun 19, 2019
Nov 01, 2019
Full Time
Job Number: R0020808

Key Role:

Support incident response team analysts and other engineers to determine which log types have the most value for their analytics and detection. Analyze tools, processes, and procedures for responding to Cyber intrusions and come up with new methods for detecting Cyber adversaries. Deploy new monitoring infrastructure to aid the incident response team and ensure the organization has the proper Cybersecurity detection mechanisms in place. Develop and deploy new tools on the fly to assist with the detection of adversaries and meet the needs of incident response analysts.

Basic Qualifications:

- 8+ years of experience with digital forensics, incident response, or information security analysis
- Experience with using Windows, Linux, and macOS and basic internal protocols, including TCP/IP
- Experience with host-based forensic analysis and techniques
- Experience with creating automated log correlations in Splunk, ELK, or an equivalent tool used to identify anomalous and potentially malicious behavior
- Knowledge of configuring and implementing technical security solutions, including SIEM, IDAM, IDS/IPS, EDR, vulnerability management or assessment, malware, or forensics
- TS/SCI clearance with a polygraph
- BA or BS degree in IT, CS, or Cyber

Additional Qualifications:

- Experience with a common scripting or programming language, including Perl, Python, Bash, or PowerShell
- Experience with tools that include Carbon Black, Tanium, ArcSight, Splunk, and Snort
- Experience with commonly used forensic toolsets, including EnCase, FTK, or BlackLight
- Active Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), or GIAC Certified Forensic Analyst (GCFA) certification

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

We're an EOE that empowers our people, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic, to fearlessly drive change.