    CSOC Tier 2 Analyst - Springfield, United States - General Dynamics Information Technology

    General Dynamics Information Technology
    General Dynamics Information Technology Springfield, United States

    4 weeks ago

    Description

    REQ#: RQ160828

    Requisition Type: Pipeline

    Your Impact:
    Own your opportunity to serve as a critical component of our nation's safety and security. Make an impact by using your expertise to protect our country from threats.

    Job Description:
    CSOS Analyst Tier 2
    Provide CSOC Tier 2 services, which is 24x7x365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents.

    CSOC Tier 2 services include malware and implant analysis, and forensic artifact handling and analysis.

    When a CIRT is stood up, all contractors in support of CSOC Tier 2 services will be under the direct control of, and take direction from, the Government CIRT Commander.

    While not in a period of incident response, the Contractor shall conduct continuous exercises and dry runs to improve response outcomes in the event of a cyber-incident.

    All Contractor personnel performing CSOC Tier 2 services shall have or obtain, within six months of start, a certification that is compliant with DoDD and DoD M IAT Level II and CSSP Incident Responder.


    Job Duties:

    • Coordinates and implements tasks, performs analysis, and builds/documents response activities required during cyber security incident response, to include but not limited to actions such as implementing containment measures, IP blocks, domain blocks, and disabling user accounts on direction of the Government.
    • Coordinates with Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), in addition to other law enforcement and counterintelligence personnel as required to perform advanced investigation and triage of incidents.
    • Collaborates with appropriate authorities in the production of security incident reports.
    • Categorizes incidents and events.
    • Coordinates with other contracts, organizations, activities, and other services as appropriate to ensure incidents are properly reported, contained, and eradicated.
    • Coordinates with other contracts, organizations, activities, and other services as appropriate to de-conflict blue / red team activity with open incidents/events.
    • Coordinates with other contracts, organizations, activities, and services to ensure recovery from an incident/event.
    • Builds timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions.
    • Documents actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed.
    • Develops and when approved by the Government generates and updates reports in the Joint Incident Management System (JIMS), Incident Case Management System (ICMS), and/or other authorized reporting systems as directed.
    • Develops, maintains, sustains, and when properly authorized by the Government executes custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events.
    • Performs digital media analysis on host, server, and network data as required to analyze and respond to an incident, to include but not limited to volatile and non-volatile memory and/or system artifact collection and analysis.
    • Develops and identifies indicators of compromise to send to Cybersecurity stakeholders and other Contract Services.
    • Provides adversary attribution.
    • Performs malware analysis and signature development.
    • Coordinates with CSOC Tier 1 and 2 services to remediate all discrepancies and provide recommendations to prevent reoccurrence.

    Job Requirements:

    • Bachelor's Degree and 8 years' experience in Cyber Security (CSOS)
    • Active TS/SCI, ability to obtain a Polygraph.
    • DoDD and DoD M IAT Level II and CSSP Incident Responder.
    • Provides input to and coordinates with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report.
    • Serve as C-IRT members as required and serve under the direct control of, and take direction from, the Government C-IRT Commander.
    • Develop and coordinate courses of action with various Government and contract stakeholders, and when properly authorized by the Government, execute Defensive Cyberspace Operations-Internal Defensive Measures on behalf of classified networks and systems.
    • Performs digital media analysis and malware reverse engineering on host, server, and network data as required to analyze and respond to an incident, to include but not limited to volatile and non-volatile memory and/or system artifact collection and analysis.
    • When properly authorized by the Government, execute custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events.
    • Develops, documents, and provides to the Government incident investigation reports which include sufficient information to document the entire lifecycle of the incident and the response, including but not limited to adversary and friendly forces activity, host and network analysis, timelines, and recommendations for corrective actions, recommendations for new Tactics, Techniques, and Procedures (TTP) and other recommendations as appropriate, within 30 days of C-IRT stand-down.
    • Conduct Quality Control reviews of a percentage of closed CSOC Tier 2 tickets each week to ensure proper analysis, categorization, documentation, and notification.

    Preferred Qualifications:

    • IAT III

    Work Requirements:

    • Years of Experience: 8 + years of related experience * may vary based on technical training, certification(s), or degree
    • Certification: Certified Incident Management Professional - Service
    • Travel Required: None
    • Citizenship: U.S. Citizenship Required

    Salary and Benefit Information:
    The likely salary range for this position is $140,899 - $235,310. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. View information about benefits and our total rewards program.

    About Our Work:
    We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

    GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

  • GuidePoint Security

    Tier 3 SOC Analyst

    6 days ago


    GuidePoint Security Springfield, United States

    GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation' ...

  • General Dynamics

    CSOS Analyst Tier 3

    1 week ago


    General Dynamics Springfield, United States

    Responsibilities for this Position · Location: USA VA Springfield Backlick Rd (VAS110) · Full Part/Time: Full time · Job Req: RQ168452 · Type of Requisition: · Pipeline · Clearance Level Must Currently Possess: · Top Secret/SCI · Clearance Level Must Be Able to Obtain: ...

  • General Dynamics Information Technology

    CSOS Analyst Tier 3

    3 weeks ago


    General Dynamics Information Technology Springfield, United States

    Candidate will provide Expert CSOC Tier 3 services, which is 24 x 7 x 365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents. CSOC Tier 3 services inclu Analyst, Contractor, Contract ...


  • Resource Management Concepts, Inc. Quantico, Virginia, United States Permanent

    Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the Un ...

  • Fusion Technology

    Tier 3 Analyst

    3 weeks ago


    Fusion Technology Chantilly, United States Full time

    Tier 3 Analyst (Senior Security Analyst) · Who are you? · You must possess an active Secret security clearance. You must also be able to obtain TSA suitability. · High school diploma · One or more vendor specific certifications (CYSA+, CEH, or equivalent) · What you'll do: ...


  • Resource Management Concepts, Inc. Quantico, United States

    Job Description · Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the ...

  • Resource Management Concepts, Inc.

    Tier 2 Analyst

    2 weeks ago


    Resource Management Concepts, Inc. Quantico, United States

    Job Description · Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the ...

  • Fusion Technology LLC

    Tier 3 Analyst

    5 days ago


    Fusion Technology LLC Chantilly, United States

    Job Description · Tier 3 Analyst (Senior Security Analyst) · Who is Fusion Technology? · Fusion Technology is a performance-driven HUBZone Small Business concern residing in the heart of the beautiful mountainsides of West Virginia, steps away from the Federal Bure ...

  • Warriors Recruiting

    Tier 3 SOC Analyst

    1 week ago


    Warriors Recruiting Vienna, United States

    Job Description · Title: Tier 3 Security Operations Center (SOC) Analyst · Location: Vienna, VA · Position Overview: We are seeking a highly skilled Tier 3 Security Operations Center (SOC) Analyst to join our dynamic cybersecurity team. As a Tier 3 SOC Analyst, you ...

  • CSEngineering

    CSOC Tier 2 Analyst

    2 days ago


    CSEngineering Rockville, United States

    CSOC Tier 2 Analyst · **Immediate Requirement** · **All 3 shifts available** · **Onsite** · CSEngineering is looking to add a CSOC Tier 2 Analyst to our growing team. As the Cyber Security Operations Center (CSOC) Tier 2 Team Lead, you are responsible for overseeing and managing t ...


  • Keen Logic Alexandria, United States

    KeenLogic is currently looking for a talented and self-motivated Tier I Analyst with the ability to work in a challenging, consultative, and collaborative team environment in Alexandria, VA. This position is full-time, Monday- Friday. · The candidate will be responsible for call ...


  • SecuriGence LLC Arlington, United States

    Job Description · Job Title: Tier 1 Help Desk Analyst · Location: Arlington, Virginia · Clearance Level: Secret Clearance. Top Secret Preferred. · Summary · We deliver essential technology services to our customers in support of their missions to sustain the nation ...


  • SecuriGence LLC Arlington, United States

    Job Description · Job Title: Tier II Help Desk Analyst · Location: Arlington, Virginia · Clearance Level: Secret Clearance · Summary · We deliver essential technology services to our customers in support of their missions to sustain the national security and provi ...

  • Leidos

    Tier 1 AS&W Analyst

    2 weeks ago


    Leidos Ashburn, United States

    Leidos Digital Modernization Sector is seeking a Tier 1 AS&W Analyst – Night Front for this highly visible cyber security program supporting Customs and Border Protection (CBP) security operations center (SOC). · CBP SOC is a US Government program responsible to prevent, ide ...


  • E-talentnetwork College Park, United States

    Job title: Helpdesk Tier 1 Analyst · Locations: Chicago, IL · Public Trust Clearance. · The candidate shall provide tier 2 support to the NARA Enterprise ServiceDesk. The Tier 2 engineer shall resolve onsite and remote tickets in accordance with the Service Level Agreements ( ...


  • A-Tek Rockville, United States

    As the Cybersecurity Analyst Tier 2, you are responsible for overseeing and managing Tier 2 level threat response in our client's Security Operations Center. Your role involves working with a team of security analysts and engineers who monitor, detect, analyze, and respond to sec ...

  • Scout Solutions Inc Defunct

    Tier 2 SOC Analyst

    22 hours ago


    Scout Solutions Inc Defunct Leesburg, United States

    Tier 2 SOC Analyst · Clearance: Secret · Location: Leesburg, VA (Onsite) · We are currently seeking a SOC Analyst (Tier 2) to join our growing team in support of Security Operations Center on a newly awarded contract. The ideal candidate will have experience working in a network ...

  • Demo - Maximus

    Tier 3 SOC Analyst

    1 week ago


    Demo - Maximus Herndon, United States

    #techjob · #clearance · Job Summary Who We Seek: · Passion Seekers. You genuinely care about the work that you do and its impact on society. · Self-Starters. You're a go-getter who isn't afraid to step up and disrupt the status quo. · Entrepreneurs. You bring fresh ideas to th ...

  • CSEngineering

    CSOC Tier 3 Analyst

    1 week ago


    CSEngineering Rockville, United States

    Job Description · CSOC Tier 3 Analyst · **Immediate Opportunity** · **Onsite** · CSEngineering is looking to add a CSOC Tier 3 Analyst to our growing team. As the Cyber Security Operations Center (CSOC) Tier 3 Team Lead, you are responsible for overseeing and managi ...

  • Leidos

    Tier 1 AS&W Analyst

    1 week ago


    Leidos Ashburn, United States Full time

    Description · Leidos Digital Modernization Sector is seeking a Tier 1 AS&W Analyst – Day Back for this highly visible cyber security program supporting Customs and Border Protection (CBP) security operations center (SOC). CBP SOC is a US Government program responsible to preven ...