The Cyber Investigator is a senior member of the Security Operations Center, and is responsible for the technical security operations in supporting a large customer on a unique and complex contract. This is a rare career-making and learning opportunity for the right person – a make-a-difference role with a large impact on National Security.
PRIMARY DUTIES AND RESPONSIBILITIES
- Perform across multiple areas of information security, including computer network defense (CND), continuous monitoring and analysis, enterprise audit, security compliance, security event monitoring and analysis, data management, analytic rule development and tuning, incident response, and investigative support
- Deliver technical security expertise in the operation of an enterprise-class CND system, handling events caused by internal and external factors and providing mitigation recommendations for issues introduced by process, threat, and technology changes over time
- Act as a trusted advisor to senior leadership with extensive evidence of ability to provide strategic and tactical direction in leading activities in support of team and enterprise objectives
- Provide professional knowledge and experience of CND analytics and operations
This position is a challenging role in a multi-contractor team supporting a fast-moving program for multiple customers and/or projects. The task requires expertise in CND systems and operations: you need to be the go-to technical operational security person. Establishing a track record of reliability and trust with team members and stakeholders is crucial.
Key success attributes:
- SME-level background in cyber security operations and incident response
- Experience in IC component environments
- Strong network and host security background
- Ability to operate secure solutions and analyze event related data
- Ability to effectively communicate and advocate key security requirements
- Ability to communicate effectively with senior management in government and contractor teams
- Outstanding verbal and written communication skills
- Shift work may be required
The ideal person for this role is flexible, hands-on, technically capable, self-motivated, and able to influence others effectively to deliver accurate results for the customer. Creativity, personal backbone, and cyber security operational experience are required to be successful in this position, as is a mix of professional relationship skills and technical skills.
- Incident Response experience
- Enterprise-level cyber security experience
- Bachelor’s degree in a technical field
- 10+ years’ experience in hands-on CND operational and/or analysis position
- Experience working on and supporting classified networks in the IC
- Experience working in a team environment on similar tasks
- Experience in cyber security tactics, techniques, and procedures
- IT security training
- Cyber Investigation Experience
- Knowledge of Forensic tools and techniques
- Enterprise audit aggregation, logging, and analysis experience
- Knowledge of NIST SP 800-53 and ICD 502
- Network LAN experience
- Virtual host experience
- IDS/IPS and firewall experience
- Experience in threat/risk mitigation
EDUCATION / CERTIFICATION REQUIREMENTS
- DoD 8570 compliant (within 90 days of hire)
- Bachelor's degree and/or 12+ years (Principal) work experience or equivalent experience
- TS/SCI w/CI Poly