Our client is seeking a Cybersecurity Incident Response Team Incident Response Analyst to support our Cybersecurity Support Services contract with the Defense Manpower Data Center (DMDC). This position performs activities related to the Cyber Incident Response Team (CIRT), the team responsible for containing, responding to, and eradicating threats and other malicious activity. This position helps build and improve cybersecurity incident response capabilities and coordinate or participate in high-priority investigations, identifying incident response improvements, and preparing reports for management. We offer Full -Time Benefits (Medical, Dental, Vision, Life Insurance, Short/Long term disability and 401K) along with Learning Career Development, PTO and 10 Paid Holidays.

Duties and Responsibilities

• Perform technical incident response investigations into cybersecurity related events and incidents
• Determine the nature, scope, and cause of incidents including root cause analysis
• Identify corrective actions and aid in the containment, eradication, and recovery of a given event and incident
• Track incident response, corrective measures taken, recommendations, and remediation activities; complete incident reports for investigations as needed; provide or contribute to weekly report of events and incidents
• Create and maintain incident response SOP in accordance with CJCSM 6510.01B, NIST SP 800-61R2, DoD regulations, and industry best practices
• Respond to and investigate cyber events should an incident occur after regular business hours

Qualifications and Requirements

• Active DoD 8570 IAT Level II certification or greater, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
• Active DoD 8570 CSSP Incident Responder certification, including at least one of the following certifications in good standing: CEH, CFR, CCNA Cyber Ops, CHFI, CySA+, GCFA, GCIH, SCYBER, or PenTest+
• Knowledge of Incident Response Handling Procedures (NIST SP 800-61)
• Familiarity with cyber adversary tactics and frameworks (such as ATT & CK and D3FEND)

Required skills and education

• Bachelor's Degree in computer science or related field
• 7+ years in Information Technology or Information Security
• 3+ years in Cybersecurity Incident Response
• CIRT lead experience a plus
• An active DoD Secret clearance with the ability to obtain and maintain a Top Secret Clearance