Ops Watch Incident Response Analyst - North Charleston, South Carolina | CareerCircle
Job thumbnail

Ops Watch Incident Response Analyst

TEKsystems

02/07/2022

Posting ID: JP-002625856

×Not Interested
Save Job
Pin drop icon
North Charleston, South Carolina
Share:Facebook iconTwitter iconLinkedin icon

Description:

Computer Network Defense & Incident Response Analyst

Charleston, SC

**Minimum of a Secret Clearance Required with ability to obtain TS/SCI**

Position Description

As a CND Incident Response Analyst you will identify, isolate, investigate, inform, and implement measures to detect and protect data across a wide spectrum of sources and locations. You will validate suspicious events or reports and determine if the event constitutes an incident. You will ensure incidents are properly entered into the appropriate reporting system and determine the severity of the incident.

Position Requirements and Duties

• Maintains familiarity with CJCSM 6510.01B.

• Compiles and maintains internal standard operating procedure (SOP) documentation.

• Ensures associated documentation and capabilities remain compliant with CJCSM 6510.01B and other applicable policy directives.

• Provides network intrusion detection and monitoring, correlation analysis, incident response and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites.

• Validates suspicious events or reports and determine if the event constitutes an incident and properly enter associated data into the appropriate reporting systems.

• Coordinates with JFHQ-DoDIN and supported entities regarding significant incidents to ensure proper analysis is performed and timely and accurate reporting of the incident is completed.

• Provides 24x7 support for the CSSP’s Incident Response capability during non-core business hours consistent with CSSP requirements as needed.

• Performs network and host-based digital forensics on Microsoft Windows based systems and other operating systems as necessary to enhance response to, support of, and investigation into significant network incidents.

• Possesses working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.).

• Explores patterns in network and system activity via log correlation using Splunk and supplemental tools

• Possesses understanding of IDS/IPS solutions to include signature development and implementation

• Participates in program reviews, product evaluations, and onsite certification evaluations.

-Up to 15% Travel may be required

- Overtime may be required as needed to support incident response actions (Surge)

- Due to the nature of the work required, operations are conducted 24/7/365 with three primary shifts. Choice of shifts will be made available with the understanding that placement is at the discretion of the CSSP Services Director and/or assigned manager.

Qualifications:

4+ years experience in Cybersecurity Service Provider (CSSP) environment or similar

DoD or DoN Cybersecurity Workforce (CSWF) Certification or compliance (DoDD 8140 or SECNAV M-5239)

Required Skills:

Knowledge of Incident Response Procedures

Knowledge of Packet Analysis

Knowledge of IDS/IPS solutions

Familiarity with various Host-Based Tools

Experience with Log Aggregation Tools

Logical thinking and analytical ability

Verbal and written communication ability

Highly Desired Skills:

Knowledge of CJCSM 6510.01B

Experience with Digital Forensics

The ability to solve problems independently

Additional Skills & Qualifications:

Must be IAT II and CND IR compliant. 90 days to obtain cert. Candidates highly preferred to be compliant upon interview. Will be required to obtain Windows OS cert - Fed VTE skill soft training with fulfill requirement (Free)

***Need to be flexible on shifts based on the nature of the work 24/365. There is a weekend rotation.

IAT II Certs and Above: CCNA Security, CySA+ **, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP

CSSP Certs: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+ **, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+, SSCP, CHFI, CFR, CND, CCNA-Security, GCFA, CISA, GSNA,, CISM, CISSP, CCISO

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Contact Information

Recruiter: Jean Chambers

Phone: (410) 579-3072

Email: jchambers@careercircle.com

Related Courses

Blog