This job has expired

Senior Incident Handler (Cyber Incident Response)

Employer: RavenTek
Location: McLean, VA
Closing date: Nov 29, 2021

Description:

RavenTek is seeking a Senior Incident Handler who specializes in Cyber Incident Response. The Cyber Incident Handler will lead incident responses and perform Tactical Digital Forensics, malware analysis, and network forensics to support the containment, eradication, and recovery from computer network intrusions. Be a part of a diverse, multi-discipline team that has high visibility and several avenues for continued career growth.

The CIRT Incident Handler on this agency-level Cyber Security support contract performs the following duties:

- Performs actions in response to identified cyber intrusions
- Determines appropriate course of action in response to identified cyber security attacks or anomalous network activity
- Performs advanced analysis to include forensic seizures of hardware, malware triage and dynamic analysis, and determination of the scope of compromise during a cyber attack
- Communicates with stakeholders and leaders to ensure cyber incidents are managed appropriately
- Acts as incident command during small scale cyber-attacks and cyber response subject matter expert during large scale attacks
- Recommends enterprise countermeasures based on threat trends
- Prepares detailed recommendations for network defense improvements to close or mitigate cyber incidents

Requirements:

Required Security Clearance: TS/SCI with FSP

Qualification Requirements:

- Demonstrated experience in cyber incident response/detection or expert network engineering, system administration, or DevOps
- Excellent interpersonal, organizational, writing, communications, and briefing skills
- Strong analytical and problem-solving skills
- Familiarity with the following classes of enterprise cyber defense technologies:
  - Network and Host malware detection and prevention
  - Network and Host forensic tools
  - Endpoint Detection and Response (EDR)
  - Network Detection and Response (NDR)
  - Sysmon, auditd, Windows Security Event Log analysis
  - Web/Email gateway security technologies
  - Experience with Splunk, Windows PowerShell, or similar technologies
  - Netflow and Full Packet Capture solutions
  - Security Information and Event Management (SIEM) systems
  - Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
  - Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
  - AWS, Azure, GCP incident response

Required Education and Experience:

- BS (bachelor's degree in electrical engineering, computer engineering, computer science, or other closely related IT discipline)
- 10 years' experience if no BS
- Minimum of five years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management
- DOD 8570 IAT Level I, CSSP-IR, or CSSP-A

Other Requirements: This position may require that you be vaccinated against Covid-19 unless you need a reasonable accommodation for religion or a health-related need.

Employment Type: Full Time / Permanent

Working Conditions: This McLean, VA based position will be fixed shift, 4 days per week (10-hour shifts).

Physical Requirements: Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.

Background Screening/Check/Investigation: Successful Completion of a Background Screening/Check/Investigation will/may be required as a condition of hire.

ADA: RavenTek will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990.

EEO/AA: RavenTek does not discriminate on the basis of race, color, national origin, sex, religion, age, disability, sexual orientation, gender identity, veteran status, height, weight, or marital status in employment or the provision of services and is an equal access/equal opportunity/affirmative action employer.