Apply on Employer Site

Resource Management Concepts, Inc. · 22 hours ago

Tier 3 Incident Response Senior Analyst

Quantico, VA

Full-time

Onsite

Mid, Senior Level

$135K/yr - $150K/yr

3+ years exp

Resource Management Concepts, Inc. is hiring a Tier 3 Incident Response Senior Analyst to support an active government contract in Quantico, Virginia. This role involves providing defensive cyberspace operations and Cyber Security Service Provider functions to protect IT services from adversaries.

Consulting

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Collect and analyze network and host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and mitigation of cyber threats within the Enterprise Network through the investigation process

Conduct forensic analysis of device timeline, device memory, file systems, and packet captures (pcap) - Digital Forensics & Incident Response (DFIR)

Manage and document cyber defense incidents from initial detection through final resolution

Perform quality assurance on routine cyber incident reporting to ensure accuracy and compliance to policies and procedures

Make recommendations for alert tuning and creation of new detection use cases from information gathered during response to new techniques observed on the network

Mentor junior analysts and guide them through the investigation process as necessary

Develop and refine curriculum for the supported customer's Incident Response Course

Assist in instructing an Incident Response Course

Qualification

Incident response experienceDigital Forensics & Incident ResponseDoD 8570 IAT Level IIDoD 8570 CSSP Incident ResponderComputer Science degreeMentoring junior analystsQuality assuranceCurriculum development

Required

Three years of incident response experience

Active TS/SCI (DoD TOP SECRET clearance with Sensitive Compartmented Information access) eligibility is required. Applicant selected will be subject to security investigation(s) and must maintain eligibility requirements for access to classified information. Candidate can begin supporting this position with a fully adjudicated DoD Secret clearance

Associate's degree in a Computer Science, Information Technology, Information Systems, or Computer Engineering field; OR five (5) years of relatable work experience

DoD 8570 IAT Level II certification

DoD 8570 CSSP Incident Responder certification (or be able to obtain within 180 days)