Apply on Employer Site

ShorePoint Inc · 3 weeks ago

Cyber Incident Responder (Top Secret Clearance)

Washington, DC

Full-time

Onsite

Senior Level, Lead/Staff

8+ years exp

ShorePoint Inc is a fast-growing cybersecurity services firm focused on protecting data for high-profile customers. They are seeking a Cyber Incident Responder to support cybersecurity operations, assess system security, and strengthen overall security posture through incident response and vulnerability testing.

Cyber SecurityNetwork SecuritySecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Hiring Manager

Pam P.

Responsibilities

Support incident response, threat hunting and forensics activities, while also conducting security assessments and vulnerability testing

Use signature-based scanners, data collection tools and hardware analysis tools to assess potential threat events

Perform Security Information and Event Management (SIEM) reviews to ensure proper detection and notification of threats

Support vulnerability analysis and develop mitigation strategies to prevent future threats

Contribute to Authorization & Accreditation (A&A), Plan of Action & Milestones (POA&M), vulnerability management and continuous monitoring efforts

Conduct automated and manual tests on information systems using industry-standard tools such as vulnerability scans, source code reviews and web application testing

Develop test plans, execute tests and prepare detailed after-action reports

Document testing processes in accordance with agency regulations and Standard Operating Procedures (SOPs)

Support remote locations with traveling assessments as scheduled (~60% travel expected, Continental United States)

Qualification

Cybersecurity operationsIncident responseVulnerability testingSecurity InformationEvent Management (SIEM)NessusMetasploitBurp SuiteUnix/LinuxMicrosoft operating systemsCISSPAnalytical skillsCritical thinking

Required

Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or 10 years of relevant IT experience

8 years+ of relevant experience. Equivalent combinations of education, certifications or demonstrable work may be considered in lieu of direct experience

Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking

Expertise in at least one of the following areas: Web applications and technologies, Networking technologies, Enterprise solutions, storage and databases, Cross-domain solutions, Virtualization technologies, Mainframes

One or more of the following certifications: CISSP, ISACA, OSCP, CISA, GPEN, GWAPT or CEH

Applicants must hold and maintain an active Top Secret with SCI eligibility and ability to pass a Counterintelligence (CI) polygraph

Experience with open-source and commercial testing tools such as Nessus, Metasploit, Burp Suite, App Detective and Nmap

Familiarity with security policies of the Department of Justice (DOJ), FBI and National Institute of Standards and Technology (NIST) guidelines (e.g., 800-53, 800-53a)

Advanced understanding of security tools with the ability to configure and troubleshoot them as needed

Expertise in Unix/Linux or Microsoft operating systems, with extensive experience in at least one

Broad knowledge of security methodologies, solutions and industry best practices

Strong critical thinking and analytical skills, with the ability to interpret and synthesize complex data