Incident Response Analyst/Threat Management Analyst

VMD Corp
Washington, DC
Apr 24, 2021
May 05, 2021
Full Time
DescriptionFounded in 2002, VMD is an award-winning provider of Agile Software Engineering, Digital Infrastructure, Cybersecurity, and Transportation Security Services to numerous US Federal Government clients including projects across both DoD and Civilian agencies. We specialize in high-level, tip of the spear engagements with a significant impact on mission success for our clients.Why Join VMD Corp?VMD fosters a culture that is founded on Eight Core Values and you can watch what our Core Values mean to our Vision Mission Driven employees. VMD Employees envision the future. We hold ourselves accountable and hold each other to equally high standards. Our people recognize and reward greatness and are humble in doing so. VMD Employees understand big accomplishments take a team. Our people learn from both our mistakes and successes; we pursue improvement relentlessly, objectively and without bias. We share our thoughts and ideas with purpose and transparency. We commit to the mission, the customer and to each other. We love being nimble and producing results.Our team is one of the best in the business.About the Mission You Will Join:The Department of Labor (DOL) has entrusted VMD to support the Office of the Chief Information Officer's (OCIO's) Cybersecurity Division to provide enterprise-level cybersecurity services including Information Security Governance and Policy, ISSO and Assessment Services, and Security Operations Center support. The Department of Labor administers and enforces more than 180 federal laws and thousands of federal regulations.VMD's mission is to work on the high-priority federal cybersecurity initiatives within the Cybersecurity Division encompassing cybersecurity governance, oversight, and security activities of approximately 27 agencies within DOL and 80+ FISMA reportable system boundaries. VMD facilitates the implementation and operations at an enterprise-level that deal with a wide-range of cybersecurity tools and incidents to protect DOL IT assets from adversaries. The entire team consists of 50 cybersecurity professionals and could potentially double within the next year as agency cybersecurity contracts roll up to this enterprise contract.Your Impact to the Mission: Do have a passion for taking an organized approach to addressing and managing the aftermath of a security breach or cyberattack? It's serious business to ensure American's data is protected. Do you thrive in an environment where you can actively monitor systems and networks for intrusions and make a real difference? In this Tier II Cybersecurity Incident Responder opportunity, your expertise in proactively identifying security flaws and vulnerabilities and then developing plans of action to remediate those issues, will be vital in protecting about 10 million employers and 125 million workers. You will do this by performing security audits, risk analysis, network forensics and penetration testing in order to analyze, develop, and recommend courses of action.Experience Needed to Be Successful:Ability to navigate complex IT activities that span functions of organizations and regions to align results with organizational goalsKnowledge of Agile methodologies and experience using agile to implement projects within a federal government environment, as well as managing an agile teamAbility and experience to deal with ambiguity and frequent changes in priorities, as well as prioritize workload based on needs of the customerExperience maintaining and managing client interface at senior levels across multiple client organizationsMeeting with customer and contractor personnel to formulate and review task plans and deliverable items. Ensures conformance with program task schedules and costsPerforming malware analysis and reverse engineering of systems, applications, and assets across the agency enterprise.Developing a procedural set of responses to security problems that result in repeatable processes for others to follow.Establishing protocols for communication within an organization and dealings with external partners to include but not limited to DHS, US-CERT, OMB, GAO, OIG, and law enforcement during security incidents.Creating a program development plan that includes security gap assessments, policies, procedures, playbooks, training and tabletop testing.Producing detailed incident reports and technical briefs for management, administrators and end-users.Liaising with other cyber threat analysis entities.Evaluating analytically and systematically problems of work flows, organization and planning and develops appropriate corrective action.Participating in the creation of technical demos, briefings, and oral presentations materials. Providing Technical thought leadership and SME value to client interactions. Creating strategies for developing win themes and addressing business challenges and opportunities uniquely and distinctly.Working in assigned shifts in a 24x7 ESOC environmentBasic Qualifiers:Education Requirement: Bachelor's Degree Specific Field of Study or Degree (if any): Computer Science, Information Management (IM), Information Technology, Engineering, or equivalentCan Additional Years of Experience Substitute for Degree? NoWork Status Allowable: US Citizen or Permanent ResidentMinimum Clearance to Start: Must undergo and successfully attain Minimum Background Investigation (MBI) security investigationDesired Certifications:Certified Information Systems Security Professional (CISSP), Certified Incident Handler, Certified Intrusion Analyst, Certified Ethical Hacker, or similar certifications highly recommendedThe Type of Person That Will Excel:You demonstrate personal accountability and integrity in all actions.You interact well with people and are a natural team player.You consistently meet deadlines and come prepared to offer solutions and contribute in meaningful ways.Travel: NoneVMD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable Federal, state and local laws. VMD maintains a drug-free workplace.