Incident Manager
Company: Ampcus Incorporated
Location: Arlington
Posted on: March 17, 2023
|
|
Job Description:
Cyber Security Incident Manager - III - IMG03 - Full
Performance
Must have an active TS/SCI Clearance
Must be onsite in Arlington, VA -
Our client is supporting a U.S. Government customer to provide
support for onsite incident response to civilian Government
agencies and critical asset owners who experience cyber-attacks,
providing immediate investigation and resolution. Contract
personnel perform investigations to characterize the severity of
breaches, develop mitigation plans, and assist with the restoration
of services
Responsibilities:
- Correlating incident data to identify specific trends in reported
incidents
- Recommending defense in depth principles and practices (i.e.
Defense in Multiple Places, layered defenses, security robustness,
etc.)
- Performing Computer Network Defense incident triage to include
determining scope, urgency, and potential impact
- Researching and compiling known resolution steps or workarounds
to enable mitigation of potential Computer Network Defense
incidents within the enterprise
- Applying cybersecurity concepts to the detection and defense of
intrusions into small, and large-scale IT networks, and conduct
cursory analysis of log data
- Monitoring external data sources to maintain currency of Computer
Network Defense threat condition and determine which security
issues may have an impact on the enterprise
- Identifying the cause of an incident and recognizing the key
elements to ask external entities when learning the background and
potential infection vector of an incident,
- Receiving and analyzing network alerts from various sources
within the enterprise and determine possible causes of such
alerts
- Tracking and documenting Computer Network Defense (CND) incidents
from initial detection through final resolution, and work with
other components within the organization to obtain and coordinate
information pertaining to ongoing incidents
- Providing support during assigned shifts (Monday through Friday,
normal business hours)
Required Skills:
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain Client Suitability
- 5+ years of directly relevant experience in cyber incident
management or cybersecurity operations
- Knowledge of incident response and handling methodologies
- Having close familiarity with NIST 800-62 (latest revision), and
FISMA standards as they pertain to reporting incidents.
- Knowledge of the NCCIC National Cyber Incident Scoring System to
be able to prioritize triaging of incident
- Knowledge of general attack stages (e.g., foot printing and
scanning, enumeration, gaining access, escalation of privileges,
maintaining access, network exploitation, covering tracks,
etc.)
- Skill in recognizing and categorizing types of vulnerabilities
and associated attacks
- Knowledge of basic system administration and operating system
hardening techniques, Computer Network Defense policies,
procedures, and regulations
- Knowledge of different operational threat environments (e.g.,
first generation [script kiddies], second generation [non
nation-state sponsored], and third generation [nation-state
sponsored])
- Knowledge of system and application security threats and
vulnerabilities (e.g., buffer overflow, mobile code, cross-site
scripting, PL/SQL and injections, race conditions, covert channel,
replay, return- oriented attacks, and malicious code)
Desired Skills:
- Knowledge of different operational threat environments (e.g.,
first generation [script kiddies], second generation [non
nation-state sponsored], and third generation [nation-state
sponsored])
- Knowledge of system and application security threats and
vulnerabilities (e.g., buffer overflow, mobile code, cross-site
scripting, PL/SQL and injections, race conditions, covert channel,
replay, return- oriented attacks, and malicious code)
Required Education:
BS Incident Management, Operations Management, Cybersecurity or
related degree. HS Diploma with 7-9 incident management or cyber
security experience
Desired Certifications:
GCIH, GCFA GISP, GCED, CCFP or CISSP
For more information please contact Janice DiCicco at 860-979-0912
or jdicicco@itechsolutions.com
Since 1995, iTech Solutions Inc., has been providing IT Consulting
and Direct Hire Services to the Insurance, Financial,
Communications, Manufacturing - and Government sectors with local
offices in Connecticut, Minnesota, Colorado, - Massachusetts,
Tennessee, North Carolina, and New Jersey / Pennsylvania area.
-
Our recruiting strategy is simple, if you want to find qualified IT
professionals then use IT professionals to find them. - - So at
iTech Solutions, - our personnel are all career IT professionals
with a wide range of IT experience. - We can honestly say our staff
understands the technologies, the complexities of finding and
selecting the appropriate personnel and the pressures of running
successful IT projects. - -
Employer will not sponsor applicants for any employment visas, at
hiring or in the future, including but not limited to H-1B visas.
-Corp-to-Corp or subcontract personnel will not be considered for
this position.
Keywords: Ampcus Incorporated, Arlington , Incident Manager, Executive , Arlington, Virginia
Click
here to apply!
|