Cyber Defense Incident Responder

Recruiter
Z FEDERAL
Location
United States
Salary
Competitive
Posted
29 Sep 2024
Closes
27 Oct 2024
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time

CYBER DEFENSE INCIDENT RESPONDER

Z FEDERAL is seeking a Junior Cyber Defense Incident Responder to support a full range of cyber security services on a contract in Washington DC. The position is full–time/permanent and will support a U.S. Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance. This is a daytime hybrid role in which the candidate will be required to be at the client site 3x/wk.

Security Clearance Requirement: Active Secret clearance

Responsibilities Include but not limited to:

  • Develop content for cyber defense tools.
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Coordinate with enterprise–wide cyber defense staff to validate network alerts.
  • Ensure that cybersecurity–enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Perform cyber defense trend analysis and reporting.
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
  • Identify and analyze anomalies in network traffic using metadata.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).

Qualifications/Requirements:

  • Bachelors Degree
  • 4+ years' experience in Introductory information assurance, networks, sensor operations, network/data analysis, packet capture analysis, hunts methodologies, intelligence analysis.
  • Certifications addressing new attack vectors (emphasis on cloud computing technology, mobile platforms and tablet computers), new vulnerabilities, existing threats to operating environments.
  • Strong written and verbal communication skills.
  • Ability to interpret the information collected by network tools (e.g., Nslookup, Ping, and Traceroute).
  • Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
  • Knowledge of incident response and handling methodologies.
  • Knowledge of front–end collection systems, including traffic collection, filtering, and selection.
  • Experience with system administration, network, and operating system hardening techniques.
  • Knowledge of cyber defense and information security policies, procedures, and regulations.
  • Knowledge of the common attack vectors on the network layer.
  • Knowledge of different classes of attacks (e.g., passive, active, insider, close–in, distribution attacks).
  • In–depth understanding of cyber attackers (e.g., script kiddies, insider threat, non–nation state sponsored, and nation sponsored).
  • Knowledge of various types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).
  • Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip).

Additional Experience Preferred:

  • Experience in detecting host and network–based intrusions via intrusion detection technologies (e.g., Snort).
  • Ability to analyze malware, conduct vulnerability scans, and recognize vulnerabilities in security systems.
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • Experience evaluating the adequacy of security designs.
  • Skill in using incident handling methodologies.
  • Ability to apply techniques for detecting host and network–based intrusions using intrusion detection technologies.
  • Experience with using protocol analyzers and collecting data from a variety of cyber defense resources.
  • Experience reading and interpreting signatures (e.g., snort).
  • Experience with assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800–53, Cybersecurity Framework, etc.).
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non–repudiation).

Z FEDERAL is a professional services firm located in Greenbelt, MD. Founded in 1983 to provide IT and management consulting services to the Federal Government, we have established a proven track record of reliable performance in the Federal marketplace. Z FEDERAL has a history of long–term commitment to our Federal customers and our employees.

Z FEDERAL offers:

  • Ownership via ESOP
  • Self–directed 401K and annual company match
  • Up to four weeks of paid time off (PTO)
  • 11 paid federal holidays
  • Other forms of leave such as bereavement, jury duty, military leave
  • Full Health Benefits: Medical and Vision, Dental (employee–paid)
  • Life Insurance
  • Short and Long Term Disability, AD&D Insurance
  • Flexible Spending Account (Medical and Dependent Care)
  • Performance–based bonuses
  • Tuition Reimbursement
  • Incentive and referral bonuses
  • Commuter benefits
  • Professional Development and Training
  • Years of Service Reward and Recognition Program

Z FEDERAL's commitment to employee growth and development is proven and valued by our staff. We want our employees to excel, grow professionally and take on increasingly responsible roles.