Job#: 1270233 Job Description:
Please contact Kayla Abel for any interest or referrals - firstname.lastname@example.org.
Position Overview:
The SME III defines the complex problems and performs detailed analysis and develops plans and requirements in the subject matter area for highly complex systems. Serves as Subject Matter Expert possessing in-depth knowledge or skills in a particular area such as information technology, telecommunications, security/cyber security operations, computer science engineering, software, mathematics, hardware, materials, business, state of the art technologies or program related subject matter. Individual will have high level skills in investigating and responding to cybersecurity threats, especially mobile threats, will make configuration recommendations and develop effective response strategies to complex threats for any aspect of the IT enterprise. Individual has unique capabilities or experience not available under other categories or requiring unique program related training or experience. Individual may be a recognized leader, pioneer or expert in their field.
Essential Functions, Responsibilities & Duties may include, but are not limited to:
- Provide enterprise-wide management of security incidents in unclassified, organization-managed network space, to detect, respond to and report all computer-related incidents; this includes daily monitoring of the organization's information systems, vulnerability remediation, intrusion detection, log reviews and malware tracking, as well as providing cyber threat analysis to proactively deter adversaries
- Provide infrastructure, operations, and maintenance support for network-based intrusion detection systems (Debian GNU/Linux) and other Security Information tools such as Event Management solutions (Splunk) and Network Security Management solutions (Skybox Security and Nessus)
- Conduct assessments, identification, and remediation of the individuals and /or systems affected
- Reporting of all information security incidents through the proper authority within the specified timeline
- Ensure that the Incident response program complies with applicable security policy, for example the Federal Information Security Management Act (FISMA) of 2002 and the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-61, Rev. 2, US-CERT Federal Incident Notification Guide, and USAID Computer Security Incident Handling Guide
- Develop and update as necessary all procedures to identify and respond to incidents, to prevent or limit damage to the organization's assets
- Prepare and present subject matter expertise in executive threat briefs on the current threat environment
- Monitor, triage, prioritize events, and respond to alerts for further investigation. Complete, thorough, and detail-oriented work in a timely manner is a must.
- Investigate SIEM events, alerts, and tips to determine if an incident has occurred.
- Analyze CTI reporting & IOCs to improve network defenses and other security measures.
- Understand multiple log types including Windows, AD, Email, VPN, etc.
- Maintain situational awareness and keep current with cyber security news and threat actor Tactics, Techniques, and Procedures (TTPs).
- Document ongoing investigations and analysis using ticketing and incident reporting systems.
- Support the production of effective situational awareness products with relevant metrics and visualizations for key constituents and leadership.
Work Experience, Knowledge, Skills & Abilities:
- 7+ years of experience with two years specialized in information security.
- Bachelor's degree in computer science, information technology or related field
- Knowledge and expertise of each phase of the Incident Response life cycle
- Experience with cybersecurity tools to include Splunk, FireEye suite of tools, Palo Alto firewalls, and others
- Technical writing skills to document analysis outcomes within incident reporting systems
- Critical thinking skills
- Analytic skills and experience
- Strong teamwork and collaboration skills
- Good written and verbal communication skills
- Ability to work independently, with strong and consistent traits of self-motivation.
- CISSP and/or GIAC Certifications
- Top Secret Security clearance with the ability to hold SCI
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at email@example.com