Senior Cybersecurity Incident Response Administrator - Senior jobs in United States

TekSynap · 3 months ago

Senior Cybersecurity Incident Response Administrator - Senior

TekSynap is a fast-growing high-tech company that understands the pace of technology and the need for a comprehensive information management environment. They are seeking a Senior Cybersecurity Incident Response Administrator to manage and maintain SIEM systems, monitor security threats, and support incident response workflows for their ITES task order.

Computer · Information Services · Information Technology
Growth Opportunities
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Manage, configure, and maintain Security Information and Event Management (SIEM) systems to meet DoD and Army cybersecurity requirements
Deploy, install, and maintain infrastructure components that support SIEM functionality and event log ingestion
Create and manage SIEM dashboards that provide clear, actionable visualizations for detecting security anomalies in near real-time
Monitor SIEM dashboards to detect threats and abnormal behavior; investigate events and escalate incidents as necessary
Develop custom reports and queries to support audit requirements and validate security controls
Provide Public Key Infrastructure (PKI) support, including management of SSL/TLS certificates and related cryptographic services
Monitor and enforce DoD and Army web application security standards and best practices
Review and respond to Army Cyber Tasking Orders (CTOs) and coordinate actions with Army Cyber Security Service Providers (CSSPs)
Participate in Software Assurance (SwA) reviews to validate audit logs and application security events
Evaluate Information Systems Design Plans, architecture diagrams, and configuration documentation for compliance with applicable cybersecurity policies, regulations, and best practices
Support incident response workflows and collaborate with other cybersecurity stakeholders to ensure rapid containment and recovery

Qualification

SIEM platforms
Incident response coordination
PKI infrastructure
Cybersecurity compliance standards
Audit-ready reports
Application security
Risk Management Framework
Cyber Tasking Orders
Analytical skills
Configuration Management
Continuity of Operations Plans
Engineering Change Proposals
Cybersecurity Certification
Communication skills
Cross-team collaboration

Required

Ten (10) or more years of experience in Cybersecurity, Incident Response, or closely related technical areas
Extensive knowledge of Army enterprise cybersecurity tools, SIEM platforms, and monitoring systems
High proficiency in building and managing SIEM dashboards, ingesting relevant data, and generating alerts
Demonstrated expertise in investigating and responding to cybersecurity events and anomalies
Proven experience developing audit-ready reports to meet regulatory and security requirements
Strong working knowledge of PKI infrastructure, digital certificates, and encryption protocols
Familiarity with reviewing and responding to Army Cyber Tasking Orders (CTOs) and collaborating with Cybersecurity Service Providers (CSSPs)
Experience with DoD/Army cybersecurity compliance standards and the Risk Management Framework (RMF)
Hands-on involvement in application security, SW assurance, and secure system design evaluations
Experience with incident response coordination, evidence handling, and containment procedures
Understanding of Engineering Change Proposals (ECPs) and Configuration Management (CM)
Knowledge of Continuity of Operations Plans (COOP) and associated communication protocols
Strong analytical, communication, and cross-team collaboration skills
Must hold a current Cybersecurity Certification such as: CISSP (Certified Information Systems Security Professional), ISSEP (Information Systems Security Engineering Professional), CompTIA Security+, CEH (Certified Ethical Hacker)
Secret – IT-II Non-Critical Sensitive Clearance or Tier 3 (T3) investigation

Preferred

Bachelor's degree in computer science, Information Security, or a related technical field—or equivalent years of experience

Benefits

Health
Dental
Vision
401K
Life insurance
Short-term and long-term disability plans
Vacation time
Holidays

Company

TekSynap

TekSynap is a well planned information management environment that offers to meet the business needs of Local Government customers.

Funding

Current Stage
Late Stage

Leadership Team

Kamran Jinnah
CEO
Lucas Narel
Chief Financial Officer
Company data provided by crunchbase