Overview
Skills
Job Details
Job Title -Cyber Security Incident Responder
Work Location: Pensacola, FL
Epic Systems is supporting a U.S. Government customer on a large mission-critical development and sustainment program to design, build, deliver, and operate a network operations environment; including introducing new cyber capabilities to address emerging threats. In support of the customer s strategic direction, Epic is looking for a qualified Cyber Security Incident Responder who can support our customer in the detection, response, mitigation, and reporting of cyber threats affecting the client networks.
****This position requires shift work including nights/weekends.
Responsibilities will include:
- Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks
- Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
- Produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk.
- Provide analysis for correlated information sources
- Facilitate the customer's posturing itself to aggressively investigate cyber activity targeting customer information and its information infrastructure
- Assist the customer training department in the education of staff on the cyber threat
- Liaison with other government cyber threat analysis entities, such as intra-agency and inter-agency Cyber Threat Working Groups
- Maintaining proficiency in the use and production of visualization charts, link analysis diagrams, and database queries
- Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions
- Meet and maintain customer required Information Assurance training compliance
Required Skills:
- Must have an active Top-Secret clearance with an ability to obtain TS/SCI clearance
- Must be able to obtain DHS Suitability
- Exceptional oral and written communication
- 8+ years of directly relevant experience - Hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks
- Experience in computer intrusion analysis and incident response
- Experience with computer network surveillance/monitoring
Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
- Experience in computer evidence seizure, computer forensic analysis, and data recovery
- Computer network forensics experience - Experience with system log analysis
- Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
- Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Proficiency with MS Office Applications
- Must be able to work collaboratively across agencies and physical locations
Desired Skills:
- Experience supporting DHS, Federal Civil, Intelligence and/or DoD Customers
- Malware reverse engineering experience
- Scripting experience (python, Perl etc....)
- Experience with process development and deployment
- Excellent writing skills
- Prior experience with data visualization products such as Analyst Notebook is desired. - Prior experience with Splunk
Required Education:
-Bachelor s degree in Information Security, Cyber Engineering or a related discipline is required. [Ten (10) years of experience (for a total of eighteen (18) or more years) may be substituted for a degree.]
Desired Certifications:
- Additional Technical CND Incident Reporter Certification (CEH, GCIH, GCIA, GNFA)
- DoDI 8570.01-M 8570.01-M IAT Level I Compliant Certification (Network + CE, A+ CE, CCNA + Security, SSCP)