Incident Response Analyst Lead
This job is no longer active.
View similar jobs.
POST DATE 9/2/2016
END DATE 10/21/2016
JOB DESCRIPTIONMORE INFORMATION ABOUT THIS JOB:
NetCentrics, a Haystax Company, is a leading provider of enterprise systems management, solutions engineering, applications development, information assurance, computer network defense and cybersecurity for The Department of Defense, Department of Homeland security and other federal agencies. Haystax is looking for an Incident Response Analyst Lead to join our team in Alexandria, VA. The team Lead will work closely with key customers and will manage a team of professionals, providing guidance and mentorship as needed. This position is open only to candidates with an active Secret Top Secret clearance, must be able eligible for DOD TS/SCI clearance.
* Serve as the lead cyber security technical liaison between customer staffs and other supporting entities
* Conduct detailed investigations on events of interest and perform system, network, and malware analysis.
* Responsible for managing shift personnel to ensure proper coverage, standardized processes, develop and update documentation as required, and reporting.
* Ensure team coverage 24/7; this also includes weekend work.
* Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
* Produce comprehensive documentation on findings and actions taken in formal and informal incident reports with distribution to proper channels and LE/CI.
* Engage in functional integration discussion/coordination between technical and non-technical groups that may have involvement in Incident Response activities (e.g. Law Enforcement, Legal, IT, Intel, etc).
* Provide quality assurance and control over security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, Security Event and Incident Management (SEIM), Antivirus, Network.
* Assist with technical requirement for special projects as required.
* Develop comprehensive metric to report potential, successful, and unsuccessful intrusion attempts and compromises through analysis of relevant event logs and supporting data sources.
* Identify misuse, malware, or unauthorized activity on monitored networks.
* Assist with implementation of counter-measures or mitigating controls
* Evaluate firewall change requests and assess organizational risk.
* Minimum of 5 years of Security Information and Event Manager (SIEM) analysis experience
* Thorough understanding of DOD security policies and procedures (STIGs) and general incident response procedures (CJCSI 6510.01 or NIST 800-61)
* Must have 3 years of incident response experience
* Ability to effectively interface with and satisfy customer requirements
* Demonstrated excellence in analytical and problem solving skills related to network and system events/logs.
* Skilled with Packet Analyzers, Security Systems Manager, malware analysis, forensics tools, and reverse engineering.
* Experience with email gateways, web gateways, PCAP and other network tools.
* Must know how to program and script using python, Perl, visual basic, PowerShell and/or comfortable with regex expressions
* Proficient in information technologies to include computer hardware and software, operating systems, and networking protocols.
* Experience with End Point Detection systems like HBSS, SEP
* Must be DoD 8570.01M IAT III within 6 months (CISSP, GSEC or S+, and SSCP).
* CND-IR compliant (CEH Certified) or must receive certifications within first 90 days.
* Must be willing to support some shift work
* Active DOD TS/SCI
* Computer network penetration testing and techniques.
* Experienced with VMWare and building virtual labs for testing software and malware.
* Experienced with static and malware analysis
* Experience with Linux and Windows operating systems
* Experienced with vulnerability assessment scanners and developing analytics/dashboards to identify poorly patched systems/enterprises
**In order to be considered for this position, you must apply directly through our careers site**
NetCentrics, a Haystax Company, is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.