Apply on Employer Site

M9 Solutions · 3 months ago

Senior Cyber Defense Incident Responder

Washington, DC

Full-time

Onsite

Senior Level, Lead/Staff

$60K/yr - $180K/yr

8+ years exp

M9 Solutions is dedicated to providing IT services and solutions to the Federal Government, and they are seeking a Senior Cyber Defense Incident Responder to support a government contract in Washington, DC. The role involves facilitating expert technical support for cyber defense incidents, correlating data to identify vulnerabilities, and performing analysis to mitigate threats within the enterprise.

ConsultingEnterprise Resource Planning (ERP)RecruitingStaffing Agency

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Facilitates and coordinates with leadership to provide expert technical support to the enterprise-wide cyber defense technicians to resolve cyber defense incidents

Correlates incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation to any attacks within the client networks

Respond to cyber incidents as necessary and act as a liaison between entities with internal and external stakeholders within the organization

Collects intrusion artifacts (e.g., source code, malware, trojans) and uses discovered data to enable mitigation of potential cyber defense incidents within the enterprise

Performs analysis of log files from a variety of sources to identify possible threats to network security

Performs cyber defense incident triage, to include determining scope, urgency, and potential impact, identifies the specific vulnerability, and makes recommendations that enable expeditious remediation

Performs cyber defense trend analysis and reporting

Assists in Incident Response processes and in the enhancement of behavioral analytics, including the development of Concept of Operations and Standards Operating Procedures

Develops and maintains models for cyber threat mitigation and improves threat modeling

Uses behavior analytics (UBA) and ensures all infrastructure components meet proper performance standards

Coordinates and provides expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents

Coordinates incident response functions

Monitors external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise

Performs cyber defense trend analysis and reporting

Performs initial, forensically sound collection of images and inspects to discern possible mitigation/remediation on enterprise systems

Receives and analyzes network alerts from various sources within the enterprise and determines possible causes of such alerts

Writes and publishes after-action reviews

Writes and publishes cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies

Assists junior Incident Response Technicians in their tasks

Qualification

Incident responseForensic investigationsCyber threat intelligenceBehavioral analyticsSecurity operationsStandard operating proceduresTS/SCI clearance’s degree

Required

TS/SCI security clearance

Bachelor's degree in a related field

8 years of relevant experience. In lieu of some experience, industry certifications can be substituted

Proven experience conducting incident response and forensic investigations within large, complex enterprise environments, including analysis of malware, logs, and network traffic to identify and mitigate threats

Strong understanding of cyber threat intelligence, behavioral analytics, and security operations processes, with the ability to develop and document standard operating procedures and after-action reports