Incident Response Analyst with Security Clearance

Incident Response Analyst
McLean, VA $120,000 - $200,000+ Experience Required: Citizenship: U.S. Citizenship required. Security Clearance: Active Top Secret SCI with Polygraph (CI or FS) Certifications: Must meet DoD 8570.01-M baseline certification requirements for IAT Level III (e.g., CASP+CE, CCNP Security, CISA, CISSP or Associate, GCED, GCIH, or CCSP). Professional Expertise: Expert-level knowledge in cybersecurity and defense. Minimum of 3 years of experience as a Computer Forensic Analyst or Computer Network Defense (CND) Forensic Analyst. Key Responsibilities: Cyber Threat Analysis and Response: Collect intrusion artifacts (e.g., source code, malware, trojans) to mitigate potential cyber defense incidents. Coordinate and provide technical support for enterprise-wide cyber defense operations. Respond to and manage incidents within cloud environments. Monitoring and Reporting: Track external data sources (e.g., vendor sites, CERTs, Security Focus) to stay updated on cyber defense threats. Perform trend analysis and generate reports on cyber defense activities. Develop and disseminate after-action reviews, incident findings, and cyber defense guidance. Forensics and Vulnerability Assessment: Conduct forensically sound collection and inspection of system images for remediation. Execute vulnerability scans and identify weaknesses within enterprise systems, including cloud environments (AWS, Google, IBM, Azure, Oracle). Incident Management and Mitigation: Analyze and address network alerts to determine potential causes. Implement measures to preserve evidence integrity per standard operating procedures. Protect networks against malware using advanced techniques (e.g., NIPS, anti-malware, spam filters). Technical Skills and Knowledge: Intrusion detection methodologies and host/network-based intrusion techniques. Cyber defense policies, procedures, and regulations. Incident response, including damage assessments and remediation. , Secure network architecture, communications, and protocols (e.g., TCP/IP, DNS, OSI model). Cloud service models and their limitations in incident response. Malware analysis and mitigation techniques. Network vulnerabilities and associated attack vectors. Preferred Skills: Conducting vulnerability scans and identifying system weaknesses. Recognizing and categorizing security vulnerabilities and associated attacks. Proficiency with security event correlation tools and techniques. Benefits: 20 Days PTO 11 Federal Holidays 401K Match Medical, Dental, and Vision Insurance Health Savings Account