Overview
On Site
Full Time
Skills
Certified Ethical Hacker
Incident management
Cyber security
Real-time
Knowledge management
Threat analysis
Information Technology
Computer science
Security operations
Network monitoring
Problem solving
IT security
Systems engineering
Federal government
Security clearance
Operations
Project management
SIEM
Leadership
ROOT
Documentation
Collaboration
Forensics
Network
Management
Analytics
Automation
Orchestration
Mentorship
Training
Investor relations
System on a chip
IDS
IPS
ServiceNow
Analytical skill
Communication
GCIH
Research and development
Solaris
SAP BASIS
Policies
FOCUS
Job Details
Job ID: 2405649
Location: HINES, IL, US
Date Posted: 2024-04-18
Category: Cyber
Subcategory: Cybersecurity Ops
Schedule: Full-time
Shift: Night Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: No
Description
Overview:
We are seeking a motivated, career and customer oriented Cyber Incident Response (CIR) Tier II Analyst interested in joining our Cyber Security Operations Center (CSOC) team in support of the Department of Veterans Affairs (VA). This is a Third Shift Position (11pm - 7am). (This is a 24/7/365 environment. Some weekends and holidays are possibly required per your schedule).
This is an onsite position working in either Hines, IL, Martinsburg, WV or Austin, TX
Responsibilities:
Perform real-time monitoring and triage of security alerts in Cybersecurity toolsets including SIEM, and EDR
Make accurate determination of what alerts are false positives or require further investigation and prioritization
Lead and actively participate in the investigation, analysis, and resolution of cybersecurity incidents. Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences
Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks
Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and incident-related updates to management and stakeholders
Identify and action opportunities for tuning alerts to make the incident response team more efficient
Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy
Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions
Support the mentoring and training of more junior IR staff
Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities
Qualifications
Required Education and Experience:
3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC)
A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment.
Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools
Experience with enterprise ticketing systems like ServiceNow
Excellent analytical and problem-solving skills.
Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight.
Ability to learn and function in multiple capacities and learn quickly.
Strong verbal and written communication skills
Shift Schedule
3 rd
Sun-Thurs
2300-0730
3 rd
Tue-Sat
2300-0730
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Location: HINES, IL, US
Date Posted: 2024-04-18
Category: Cyber
Subcategory: Cybersecurity Ops
Schedule: Full-time
Shift: Night Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: No
Description
Overview:
We are seeking a motivated, career and customer oriented Cyber Incident Response (CIR) Tier II Analyst interested in joining our Cyber Security Operations Center (CSOC) team in support of the Department of Veterans Affairs (VA). This is a Third Shift Position (11pm - 7am). (This is a 24/7/365 environment. Some weekends and holidays are possibly required per your schedule).
This is an onsite position working in either Hines, IL, Martinsburg, WV or Austin, TX
Responsibilities:
Perform real-time monitoring and triage of security alerts in Cybersecurity toolsets including SIEM, and EDR
Make accurate determination of what alerts are false positives or require further investigation and prioritization
Lead and actively participate in the investigation, analysis, and resolution of cybersecurity incidents. Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences
Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks
Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and incident-related updates to management and stakeholders
Identify and action opportunities for tuning alerts to make the incident response team more efficient
Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy
Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions
Support the mentoring and training of more junior IR staff
Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities
Qualifications
Required Education and Experience:
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Criminology, or similarly relevant field and five (5) years or more experience
- ship
3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC)
A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment.
Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools
Experience with enterprise ticketing systems like ServiceNow
Excellent analytical and problem-solving skills.
Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight.
Ability to learn and function in multiple capacities and learn quickly.
Strong verbal and written communication skills
- Requires one of the following certifications:
- EC-Council's Certified Ethical Hacker
- GIAC Certified Incident Handler
- EC-Council's Certified Incident Handler (E|CIH)
- GIAC Certified Incident Handler (GCIH)
- Incident Handling & Response Professional (IHRP)
- Certified Computer Security Incident Handler (CSIH)
- Certified Incident Handling Engineer (CIHE)
- Candidates must be eligible to obtain a Public Trust based on the Department of Veteran Affairs regulations.
Shift Schedule
3 rd
Sun-Thurs
2300-0730
3 rd
Tue-Sat
2300-0730
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.