Cyber Defense Incident Responders

Junior Cyber Defense Analyst / Incident Responder•IRES000051

Colorado Springs, CO Job Details Full-time $108,000•$115,000 a year 1 day ago

Benefits

• Paid holidays
• Disability insurance
• Health insurance
• 401(k)
• Tuition reimbursement
• Paid time off
• Parental leave
• Flexible schedule

Qualifications

• Top Secret Clearance
• Computer science
• GICSP
• Associate's degree in cybersecurity
• CSSP Analyst
• Microsoft Excel
• Security analysis
• GSEC
• Computer Science Associate's degree in computer science
• Vulnerability assessment tools
• CompTIA CySA+
• Data reporting
• Visio
• Windows
• Threat detection & response
• Host/hostess experience
• CEH
• Nessus
• Policy & process development
• Incident response
• Task prioritization
• Intelligence analysis
• DoD 8570
• Incident Investigation
• WAN
• Vulnerability scanning
• Counterintelligence
• Linux
• Proper evidence handling
• Productivity software
• Threat intelligence
• Data collection
• 1 year
• Bachelor's degree in cybersecurity
• Associate's degree
• CompTIA Security+
• Bachelor's degree in computer science
• IAT Level II
• SSCP
• Entry level

Full Job Description

Position Title: Junior Cyber Defense Analyst / Incident Responder

Location: Schriever Space Force Base, Colorado Springs, CO

Remote/Telework: NO•Not available for this position

Clearance Type: DoD Secret

Shift: Rotating shift

Description of Duties:

The Junior Cyber Defense Analyst / Incident Responder supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. The candidate will:

• Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM).
• Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture.
• Perform preliminary analysis, identification, and response actions to detect, characterize, and respond to cyber incidents IAW CJCSM 6510.01B.
• Perform event/incident investigations from start to conclusion, to include gathering data, analysis, and reporting.
• Properly document all steps in the incident response process while taking care to preserve and protect incident artifacts, evidence, and chain of custody.
• Analyze correlated asset, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture.
• Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation.
• Leverage actionable Cyber Threat Intelligence data to search for indicators of compromise and make recommendations for improvements.
• Review data of ongoing intrusions or cybersecurity incidents and report, analyze, and document/report the findings in accordance with CJCSM 6510.01B guidelines.
• Provide support to internal and external Insider threat and law enforcement / counterintelligence (LE/CI) agencies during cyber incidents / investigations.

The successful candidate will:

• Have experience with most MS Office applications (Word, Excel, PowerPoint, and Visio).
• Be able to multi-task and prioritize various projects and assignments in a dynamic work environment in order to meet scheduled/unscheduled customer requests.
• Be willing to travel 25% of the time.
• Be willing to work rotating shifts in a 24x7x365 operational environment and respond quickly to emergencies as needed.
• Resumes, in month and year format, must be submitted with application in order to be considered for the position.
• The selected candidate may be assigned as an employee for one of our teammate companies.

Requirements

Basic Requirements:

• Must have 4, or more, years of general (full-time) work experience o May be reduced with completion of advanced education
• Must have 2, or more, years of directly related experience in information security, physical security, or cybersecurity, or a combination thereof.
• Must have a minimum of 17 months of CSSP experience as a Cyber Defense Analyst.
• Must have a minimum of 17 months of MDA experience.
• Applicants must be fully shift-qualified by start date.
• Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE)•(CySA+, GICSP, GSEC, Security+ CE, SSCP)
• Must have a DoD 8570.01-M CSSP Analyst and Incident Responder certification (CEH or CySA+ cover both) with 6 months of start date.
• Must have an active DoD Secret Security Clearance

Desired Requirements:

• Have an Associate's or Bachelor's degree in Cybersecurity, Computer Science or related field
• Have experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)
• Have experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Forward Proxy, Spam Firewall, etc.
• Have experience analyzing security compliance scans performed across a WAN (ACAS/Nessus preferred)
• Have experience analyzing network and host-based threats (ESS preferred)
• Be able to obtain a DoD Top Secret clearance
• Be familiar with Security Operations Centers (SOC)/DoD
• Be familiar with DCO/Cybersecurity Service Provider (CSSP•guiding security policies and procedures
• Have an active DoD Top Secret clearance

This position is expected to pay $108,000•$115,000 annually; depending on experience, education, and any certifications that are directly related to the position.

Benefits

GCS health and welfare benefits are designed to invest in you, and in the things you care about. Your health. Your well-being. Your security. Your future. Typical benefits offered include flexible work schedules and opportunities to work remotely, educational reimbursement, retirement benefits (401K, Roth), health benefits, tax saving options, disability benefits, life and accident insurance, voluntary benefits, paid time off and paid holidays, and parental and pregnancy leave.