D2 Consulting · 1 day ago
Cyber Security Operations Specialist Tier 3
D2 Consulting is seeking a CSOC Tier 3 Cybersecurity Incident Responder to defend critical systems from cyber threats. The role involves coordinating incident response efforts, collaborating with various teams, and performing advanced malware analysis and digital forensics to ensure robust cybersecurity operations.
Cyber Security, Information Technology, Software
Responsibilities
Incident Response Leadership: Coordinate and execute tasks during cybersecurity incidents, including containment measures, IP/domain blocks, and disabling user accounts under Government direction
Collaborative Investigations: Work closely with the Security and Installations Directorate, Insider Threat Office, law enforcement, and counterintelligence personnel to triage and investigate incidents
Incident Reporting & Categorization: Produce detailed security incident reports, categorize events, and ensure proper reporting, containment, and eradication of incidents
Cross-team Coordination: Ensure seamless coordination across contracts and organizations to de-conflict blue/red team activities and ensure recovery from incidents
Documentation & Analysis: Develop timelines, briefings, and documentation to inform stakeholders about incident impacts and response actions. Keep detailed records of actions taken in authorized ticketing systems
Custom Tools & Scripting: Develop and execute custom scripts and tools to analyze data and respond to incidents, when authorized by the Government
Digital Media & Malware Analysis: Perform in-depth analysis of host, server, and network data, including volatile and non-volatile memory, system artifacts, and malware reverse engineering
Adversary Attribution & Signature Development: Identify indicators of compromise and develop signatures to share with cybersecurity stakeholders. Provide detailed adversary attribution to support incident response
Continuous Improvement: Collaborate with Tier 1 and 2 teams to remediate discrepancies and provide recommendations to prevent future incidents
Qualification
Required
ACTIVE TS/SCI SECURITY CLEARANCE REQUIRED
A Bachelor's Degree or 8+ years of relevant cybersecurity experience, with a strong focus on incident response and digital forensics
Active TS/SCI clearance with the ability to obtain a polygraph
Must have or be able to obtain certifications as required by DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder within six months of start
Expertise in malware analysis, digital forensics, and response to cybersecurity incidents, including host, server, and network data analysis
Proficiency in scripting and automation, with a focus on developing custom tools to enhance incident response capabilities
Ability to work under pressure and clearly communicate complex technical details to both internal teams and external stakeholders
Experience working as part of a team, coordinating efforts across multiple organizations and government agencies to ensure swift and effective incident response
Skilled at creating detailed incident reports, timelines, and recommendations, with a focus on clear, actionable insights
Preferred
A Master's degree in Cybersecurity or a related field
IAT III certification or equivalent expertise in the cybersecurity field
Benefits
Health/Dental/Vision
401(k) match
Accrued PTO
STD/LTD/Life Insurance
Referral Bonuses
Professional development reimbursement
Company
D2 Consulting
D2 Consulting is an information technology company that offers cyber security, data analytics, and software development services.
Funding
Current Stage
Early Stage
Company data provided by Crunchbase