Lead Incident Handler

US-VA-Pentagon
Job ID
2017-1033
Clearance Level
Top Secret/SCI

Overview

PENTCIRT Incident Handling Branch (IHB) Respond services include the actions taken to report, analyze, coordinate, and respond to any event or computer security incident for the purpose of mitigating any adverse operational or technical impact. Incident Response includes the coordinated development and implementation of courses of action (COAs) that focus on containment, eradication, and recovery. At the same time, it ensures the acquisition and preservation of data required for tactical analysis, strategic analysis, and/or law enforcement (LE) investigations.

Responsibilities

Serve as an incident responder and first line of the Pentagon’s cyber defense, responsible for identifying and responding to security threats. Operate in a 16/7 operations center environment responsible for incident confirmation, response, data collection, investigation, and analysis. Leverage knowledge of computer and network architecture to provide analysis during investigations, including identifying adversarial activity and methods for future detection and prevention. Use a combination of open-source research, network and host forensic analysis, log review and correlation, and pcap analysis to complete investigations. Compose and present reports on findings from intrusion incidents to leadership. Manage the incident life cycle, ensuring all investigations are kept current and completed.

Qualifications

Required Education:


  • BA or BS degree preferred; MA or MS degree in Engineering, CS, Information Security, or Information Systems a plus


Required Experience:


  • 3+ years of experience in Cybersecurity
  • SOC or Incident Handling Management experience required
  • Experience with systems administration, network engineering, or security engineering
  • Experience with performing host or network incident response, malware analysis, or forensics
  • Knowledge of host and network log sources to apply to investigation, IR methodology in investigations, and the groups behind targeted attacks and their tactics, techniques, and procedures (TTPs)
  • Ability to lead and serve a team, as needed to complete the mission and work well under pressure to rapidly scope and investigate incidents
  • Experience with network forensics and intrusion analysis
  • Knowledge of networking concepts and analysis tools
  • Knowledge of operating systems, software, and security controls


Required Clearance:


  • Top Secret w/SCI


Desired Qualifications:


  • Industry-recognized information security certifications (CEH, GCIA, or GCFA, plus Security+ CE, required); CISSP a plus


About Aveshka:

Aveshka is a professional services firm focused on addressing our nation’s most complex threats and challenges. As a small business we’re committed to supporting our clients’ missions with services delivered by our diverse and experienced staff. With expertise in cybersecurity, emergency preparedness, and public health, our experience base spans federal, state, and local governments, as well as private sector entities.


Aveshka encourages collaborative communication and ongoing learning. Some of our benefits include:


  • Extensive training programs
  • Gym membership reimbursement
  • Education reimbursement
  • Technology benefits
  • Commuter benefits
  • Generous paid time off and much more!


Aveshka is an Equal Opportunity Employer (EOE)