CND-SP Incident Responder Level 4 052
IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community. We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.
We are looking to fill this position at the following location(s):
- Washington, DC
CND-SP Incident Responder Level 4:
Responsible for strengthening the defensive posture and cyber defense operational readiness of an IT Enterprise our Enterprise Cyber Network Defense (ECND) program defends and protects Government assets from external Cyber Security attacks and Insider Threats that can potentially cause or create data, systems, networks, and personnel vulnerabilities.
Skill Level 4:
Skills and Tasks:
Exceptionally Complex, Inter-Discipline, Inter-Organizational. Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks.
May work individually or as a key member of a senior leadership team.
Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues.
Provides expert guidance and direction to Government and Vendor senior level technicians and managers.
Directs multiple contractor and subcontractor teams through to project completion.
Identify and report detected events through persistent monitoring and analysis of indications and warnings (I&W) and attack, sensing, and warning (AS&W) indicators
Respond to identified network or system cyber incidents
Analyze, contain, eradicate malicious code
Prepare and disseminate AS&W to enterprise and the CND-SP community
Conduct cyber trend analysis as well as malware analysis
Disseminate and report cyber related activities and trends
Support or conduct CND/CI coordination and reporting to the organization, DoD, and IC
Education and Experience:
HS/GED + 12 years
Associates Degree + 10 years
Bachelor's Degree + 8 years
Master's Degree + 6 years
PhD + 4 years
Functional duties consist of:
Performing Enterprise Defense Countermeasure (DC) activities and coordination with other government agencies to record and prepare incident reports and analysis methodology and results.
Monitoring and analyzing signature alerts from Intrusion Detection/Prevention Systems (IDS/IPS) for false positives.
Providing technical enforcement of organizational security policies.
Providing “tune-or-drop” recommendations towards the DC team's Signature Lifecycle Review procedure.
Provide insight to Detection and Response teams on signature functionality and providing signature tuning as needed.
Performing periodic and on-demand system audits and vulnerability assessments, including user accounts, applications access, file system and external Web integrity scans to determine compliance.
Providing guidance and work leadership to less-experienced staff.
Communicating with customers and teammates clearly and concisely.
Maintaining current knowledge of relevant technology as assigned and may have supervisory responsibilities.
Participating in special projects as required.
Will serve as a technical team or task leader.
8 years of related systems engineering experience.
A TS/SCI clearance with CI Poly (or able to obtain CI Poly).
Security+ CE orother approved DoD 8570 IAT II certification prior to employment. Viable certifications that meet this requirement are Security+ CE, CCNA Security, CSA+, GICSP, GSEC, or SSCP.
Ability to obtain an 8570 CSSP Incident Responder certification within six months from the date of hire. Viable certifications that meet this requirement are CEH, CFR,CSA+, GCFA, GCIH, or SCYBER.
Bachelors Degree in Computer Science or a related technical discipline, OR the equivalent combination of education, professional training or work experience.
Position may require evening, weekend or shift-work (depending on operational tempo).
Training and Certifications:
DoD 8570 compliance or information assurance certification commensurate with technical objectives and services required within the task order.
Applicable software or hardware training and certifications commensurate with the technical objectives, services required, and IT environment specified within the task order.
TS/SCI with CI poly (or able to obtain CI Poly).