top of page

Cyber Incident Responder Detect Level 1 104-021

SysEng.png

See a complete list of our open positions

Apply at the Bottom of the Page

IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community.  We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.  

Some of the positions are future positions.  Please look at the opening line of the job description to determine if this is an open or future position.

 

Our positions are not remote unless stated in the job description below.

We are looking to fill this position at the following location(s):

    Colorado Springs, CO

Job Description

Cyber Incident Responder – Detect:



Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web based security.



This position has an altenate locations in the National Capital Region.




Level 1:


  • Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.

  • Uses data collected from a variety of cyber defense tools (e.g.,  IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

  • Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating,   responding, and reporting discovered events.

  • Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.

  • Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.

  • Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.

  • Understands and applies more advanced processes to daily activities.

  • Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.




Job Description:


  • The successful applicant should be expected to identify potential cyber threats, determine levels of risk, and produce analytical reports for a variety of audiences. You will occasionally be required to present your findings in front of senior executives, so the ability to translate technical indicators into layperson's terms is vital.

  • Outstanding problem-solving skills are essential. When serious threats are identified, you will work closely with other areas of the security team to identify appropriate solutions. You must be passionate about technology, and able to learn the ropes of new security solutions rapidly.

  • Indicators of Compromise (IOC)s will be obtained through: forensic analysis of digital information, Open Source Intel (OSINT) review/monitoring, available tools both customer provided and free, and pivoting/researching on previously reported IOCs.

  • Must have common knowledge of standard network infrastructure.

  • Other items that would be good to know include: domain masquerading, certificates, and file hashing.

  • Familiar with monitoring emerging threats through Tools, Techniques, and Procedures (TTPs) and how they relate to the MITRE ATT&CK framework

  • Participate in collaborative sessions with other CNDSPs and IC agencies on malicious intrusions, attacks or suspicious activities, as well as share emerging Cyber Threat Intel data.

  • Assist in the development of IOCs for active defensive countermeasures and passive detection signatures.

  • Good written communications skills are necessary in order to properly document and report the identification and sharing of newly identified IOCs.

  • Attention to detail and ability to work with team-members and independently.




Education and Experience:


  • HSD/GED +6yrs

  • Associates +4yrs

  • Bachelors +2yrs

  • Masters +0yrs

  • NOTE:  Relevant professional certifications will be considered  equivalent to six (6) months of relevant experience




Required Certifications:


  • IAT II 



Security Clearance:


  • DoD Approved Clearance and Poly

You are applying for the position of 
Cyber Incident Responder Detect Level 1 104-021
Upload Your Resume
bottom of page