Incident Response - Threat Intelligence Subject Matter Expert III

Full Time
Washington, DC 20373
Job description
Eagle Harbor Solutions (EHS), a Koniag Government Services company, is looking for a highly qualified, experienced and self-motivated individual with a TS/SCI clearance to perform the duties of an Incident Response, Threat Intelligence Subject Matter Expert III to support EHS and our government customer in the DC Metro area.

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

Position Overview:
The SME III defines complex problems, performs detailed analysis, and develops plans and requirements in the subject matter area for highly complex systems. Serves as Subject Matter Expert possessing in-depth knowledge or skills in a particular area such as information technology, telecommunications, security/cyber security operations, computer science engineering, software, mathematics, hardware, materials, business, state-of-the-art technologies or program-related subject matter. The individual will have high-level skills in investigating and responding to cybersecurity threats, especially mobile threats, and will make configuration recommendations and develop effective response strategies to complex threats for any aspect of the IT enterprise. The individual has unique capabilities or experience not available under other categories or requiring unique program-related training or experience. The individual may be a recognized leader, pioneer or expert in their field.

Essential Functions, Responsibilities & Duties may include, but are not limited to:
  • Provide enterprise-wide management of security incidents in unclassified, organization-managed network space, to detect, respond to and report all computer-related incidents, including daily monitoring of the organization’s information systems, vulnerability remediation, intrusion detection, log reviews and malware tracking, as well as cyber threat analysis to proactively deter adversaries
  • Provide infrastructure, operations, and maintenance support for network-based intrusion detection systems (Debian GNU/Linux) and other Security Information tools such as Event Management solutions (Splunk) and Network Security Management solutions (Skybox Security and Nessus)
  • Conduct assessments, identification, and remediation of the individuals and/or systems affected
  • Reporting of all information security incidents through the proper authority within the specified timeline
  • Ensure that the Incident response program complies with applicable security policy, for example the Federal Information Security Management Act (FISMA) of 2002 and the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-61, Rev. 2, US-CERT Federal Incident Notification Guide, and USAID Computer Security Incident Handling Guide
  • Develop and update, as necessary, all procedures to identify and respond to incidents, to prevent or limit damage to the organization’s assets
  • Prepare and present subject matter expertise in executive threat briefs on the current threat environment
  • Monitor, triage, prioritize events, and respond to alerts for further investigation. Complete, thorough, and detail-oriented work in a timely manner is a must.
  • Investigate SIEM events, alerts, and tips to determine if an incident has occurred.
  • Analyze CTI reporting & IOCs to improve network defenses and other security measures.
  • Understanding of multiple log types including Windows, AD, Email, VPN, etc.
  • Maintain situational awareness and keep current with cyber security news and threat actor Tactics, Techniques, and Procedures (TTPs).
  • Document ongoing investigations and analysis using ticketing and incident reporting systems.
  • Support the production of effective situational awareness products with relevant metrics and visualizations for key constituents and leadership.
Work Experience, Knowledge, Skills & Abilities:
  • 7+ years of experience with two years specialized in information security.
  • Bachelor’s degree in computer science, information technology or related field
  • Knowledge and expertise of each phase of the Incident Response life cycle
  • Experience with cybersecurity tools to include Splunk, FireEye suite of tools, Palo Alto firewalls, and others
  • Technical writing skills to document analysis outcomes within incident reporting systems
  • Critical thinking skills
  • Analytic skills and experience
  • Strong teamwork and collaboration skills
  • Good written and verbal communication skills
  • Ability to work independently, with strong and consistent traits of self-motivation.
Certifications:
  • CISSP and/or GIAC Certifications
  • Sec+
  • CySA+
  • CASP+
  • Top Secret Security clearance with the ability to hold SCI

Working Environment & Conditions
This job operates in a professional office environment and has a noise level of mostly low to moderate. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. This position is primarily indoors, consistent with a standard office position. The incumbent is required to stand; walk; sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; talk and hear. The workload may require the incumbent to sit for extended periods of time. The incumbent must be able to read, do simple math calculations and withstand moderate amounts of stress. The incumbent must occasionally lift and/or move up to 25 lbs. Specific vision abilities required by the job include close vision, distance vision, color vision, depth perception, and the ability to adjust focus.
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or to apply to a position on our website, please contact Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
EOE Minorities/Female/Protected Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352