Cyber Incident Auditor

Job Description

ECS is seeking a Cyber Incident Auditor - Mid to work in our Stafford, VA office (hybrid).

ECS is seeking a Cybersecurity Auditor to join a team of experts charged with providing support in the areas of engineering, risk management and cybersecurity support in response to the Marine's needs for enhanced operational readiness and war fighting capabilities. You will support the Business and Support Services Division, Information Technology Branch for Cybersecurity Technology and Cyber-based Engineering Services. This position is located onsite at the customer's location in Quantico, VA with potential for remote support.

Specific tasks you will perform as a Cybersecurity Auditor include, but are not limited to:

• Anomaly Tracking and Detection: Monitor and track anomalies to detect and support remediation of non-compliance or IT attacks.
• Audit Log Management: Verify safeguards for audit logs, ensuring proper collection, storage, time synchronization, retention, and review.
• Log Review and Alerting: Collect, review, and retain logs; identify and alert on suspicious network or system activity.
• Use Case Development: Develop use cases and indicators to meet key requirements per organizational standards and higher-level policies.
• Incident Analysis: Analyze cyber incidents to identify root causes, attack vectors, and impacted systems.
• Compliance Monitoring: Ensure adherence to DoD cybersecurity policies, standards, and regulations.
• Reporting: Prepare and submit reports on audit findings, incidents, and remediation status to leadership.
• Collaboration: Work with cybersecurity teams to implement corrective actions and improve security posture.
• Tool Utilization: Use auditing and monitoring tools (e.g., SIEM, log analyzers) to assess and track incidents.
• Training and Awareness: Support cybersecurity training initiatives for staff to enhance incident prevention.

Required Skills

• U.S. Citizenship required per contract
• IAT Level II Certification
• Interim or Active DoD Secret Clearance
• Two+ years of cyber security analyst, incident response, or auditing experience
• Experience working within a security operations center (SOC)

Desired Skills

• Cyber incident handling experience with DoD Customer
• Any of the following industry certifications:
  • CompTIA Cybersecurity Auditor (CySA+)
  • GIAC Certified Incident Handler Certification (GCIH)
  • EC-Council Certified Incident Handler (ECIH) certification
  • CREST Registered Intrusion Auditor (CRIA) certification

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.