- Coordinate and develop Incident Response use cases
- Build new rules for existing data to enhance monitoring and alerting based on security relevant data
- Lead the strategic direction of the agency's Analyst Collaboration Environment (ACE) and migrate from the legacy Analyst Collaboration Tool (ACT) to a SOAR based capability
- Design / build scripts, tools, methodologies to enhance detection and response to cyber security threats
- Perform as technical Subject Matter Expert (SME) for the Legacy DISA Cyber Security Service Provider (CSSP) Program Management Office (PMO) Analyst Collaboration Tool (ACT)
- Performs reviews of Cyber Security Analyst's analysis tickets to identify trends, compliance, and opportunities for improvement
- Develop whitepapers, briefs, SOPs, TTPs, and QRGs to allow for a better, more reliable DCO process
- Manage the ACT document development process, updating, when necessary, to reflect improvements
- Research and Develop Defensive Cyber Operations (DCO) security recommendations across multiple Areas of Responsibility (AOR)
- Conduct and deliver weekly and monthly status updates to government representatives
- DoD 8570 IAT level II or higher certification such as CompTIA Security+CE, CySA+CE, ISC2 SSCP, SANS GSEC prior to starting
- Bachelor's Degree with 8+ years of experience (experience may be used in lieu of a degree)
- Senior experience as a Cyber Security Analyst conducting security incident investigations and security incident handling
- Knowledge of at least one programming / scripting language (Python or PowerShell)
- Experience with Splunk, Elastic, Kibana, Palo Alto CORTEX SOAR and/or other SOAR technologies
- Experience with security frameworks such as MITRE ATT&CK, NIST, etc
- Motivated self-starter with strong written and verbal communication skills
- Knowledge of Linux, scripting, Request Tracker Incident Response (RT-IR)
- Active TS clearance with SCI access eligibility
- Experience w/ DoD and DISA Networks
- Knowledge of SOAR platforms, SIEM technologies, other security tools
- Knowledge of DoDI 8530 Cybersecurity Activities Support to DoDIN Operations
- CISSP / CISM / CRISC Certification
-
IT Security Engineer
3 weeks ago
Crimson Enterprises Arden on the Severn, United StatesWith more than 1,500 stores in 19 European countries, C&A is one of the leading fashion companies in Europe. C&A welcomes over two million visitors daily to its stores and offers high-quality fashion at affordable prices for the whole family. We embrace the digital transformation ...
-
Security Engineer
1 day ago
Omm IT Solutions Washington, United StatesThis is a 100% Onsite Role. · About the Position: · The Security Operations Engineer shall be responsible for implementing new firewall architectures, upgrades and features as necessary and assisting in the administration of all information security firewalls to include updates, ...
-
Security Engineer
19 hours ago
Omm IT Solutions Washington, United StatesThis is a 100% Onsite Role. · About the Position: · The Security Operations Engineer shall be responsible for implementing new firewall architectures, upgrades and features as necessary and assisting in the administration of all information security firewalls to include updates, ...
-
Cyber Security Engineer with Security Clearance
3 weeks ago
Parsons Company Annapolis, United StatesIn a world of possibilities, pursue one with endless opportunities. Imagine Next When it comes to what you want in your career, if you can imagine it, you can do it at Parsons. Imagine a career working with intelligent, diverse people sharing a common quest. Imagine a workplace w ...
-
Cyber Security Engineer with Security Clearance
3 weeks ago
Base2 Solutions Annapolis, United StatesYou will need to login · before you can apply for a job. · Cyber Security Engineer with Security Clearance · Required Security Clearance: Top Secret/SCI City: Annapolis Junction State/Territory: Maryland Travel: None Potential for Teleworking: Yes Schedule: Full Time DoD 8570 I ...
-
Infrastructure Security Engineer
2 weeks ago
PSI Services Annapolis, United StatesTitle: · Infrastructure Security Engineer · Location: · US Remote · About PSI · We are PSI Services. We power world leading tests. Delivered with trusted science and the very best test taker experience. PSI supports test-takers on their journey to pursuing dreams and gaining ce ...
-
Cyber Security Engineer
3 weeks ago
Modern Technology Solutions Inc Annapolis, United StatesModern Technology Solutions, Inc. (MTSI) is seeking · Cyber Security Engineer's · at multiple experience-levles to join our team in the Annapolis Junction, Maryland area. You will provide technical leadership combined with an operational understanding of cybersecurity to protec ...
-
Senior Security Engineer
3 weeks ago
3M Consultancy washington, United StatesThis is a remote position. · Job Title: Senior Security Engineer. · Location: Washington, DC (Remote) · Duration: Full-Time. · Role Specific Duties: · Provide network IDS monitoring, cyber threat intelligence, security log analysis and forensics, and web application security ...
-
Cornerstone Defense Annapolis, United StatesYou will need to login · before you can apply for a job. · Information System Security Engineer with Security Clearance · Title: Information System Security Engineer Location: Annapolis Junction, MD Clearance: Active TS/SCI w/ Polygraph needed to apply Company Overview: Corners ...
-
Farfield Systems, Inc Annapolis, United StatesYou will need to login · before you can apply for a job. · Information System Security Engineer with Security Clearance · About Farfield Systems, Inc At Farfield we are committed to delivering trusted expertise to our government clients. As we grow, our focus is on increasing o ...
-
Blue-Halo Annapolis, United StatesYou will need to login · before you can apply for a job. · Principal Information Systems Security Engineer with Security · Overview At BlueHalo our Cyber experts operate at the mission's edge. Using advanced cyber techniques, our team of technologist and analysts employ capabil ...
-
2HB Incorporated Annapolis, United StatesYou will need to login · before you can apply for a job. · Information System Security Engineer with Security Clearance · This is a full–time position, and requires a TS/SCI/Full Scope Polygraph Clearance. 2HB Incorporated is seeking a Mid Level Information System Security Engi ...
-
CACi Annapolis, United StatesInformation Systems Security Engineer Job Category: Security Time Type: Full time Minimum Clearance Required to Start: TS/SCI with Polygraph Employee Type: Regular Percentage of Travel Required: Type of Travel: CACI is seeking a ISSO for a recently awarded 5 year program that del ...
-
Lockheed Martin Corporation Annapolis, United StatesJob Number 666704BR Description:This position may be eligible for a $25K sign on bonus for external hires What We're Doing: · • At Lockheed Martin Rotary and Mission Systems, Cyber & Intelligence, we are driven by innovation and integrity. · • We believe that by applying the high ...
-
Information Security Systems Engineer
3 weeks ago
cFocus Software Incorporated Annapolis, United StatescFocus Software is seeking an Information Systems Security Engineer to join our program in Annapolis Junction, MD. This position requires an active TS/SCI CI Poly clearance. · Responsibilities: · Advise on in-depth security design review and threat/risk assessments. · Provide ...
-
Information Systems Security Engineer
1 week ago
Vibrint Annapolis, United StatesVibrint is a trusted provider of mission-critical systems and analysis that transform our customers' capacity and capability in harvesting and harnessing data. Working alongside many of the most talented professionals in public service, we work tirelessly to create and sustain ne ...
-
Information Systems Security Engineer
2 days ago
ManTech International Corporation Annapolis, United StatesThe Information Systems Security Engineer (ISSE) performs activities associated with the maintenance and updates of software in response to IAV - As, patches, and version updates IAW program requirements and associated vendor licenses. They provide s Security Engineer, Systems, S ...
-
Information Systems Security Engineer
3 weeks ago
Novul Solutions Annapolis, United StatesJob Description · Actively seeking a dedicated Information Systems Security Engineer (ISSE) to provide critical support to our government customer in Annapolis Junction, MD. As an ISSE with us, you'll play a pivotal role in assessing and enhancing the security posture of computi ...
-
Cyber Security Engineer III
3 weeks ago
Fidelis Technologies Annapolis, United StatesCome embark on an exciting adventure with a company that believes in the success of our people and invests in their growth. We are fast growing and lots of opportunity across a growing base of mission sets and contracts. · Come be part of a family and team that makes a differenc ...
-
Information Systems Security Engineer
2 weeks ago
Sensible Solutions and Technologies Inc Annapolis, United StatesJob Description · Information Systems Security Engineer, Clearance Required - TS/SCI w/Polygraph · Please note, this position requires all candidates to currently possess an active Top-Secret SCI Clearance with a Polygraph. This position is not an opportunity to be sponsored or ...
Lead Cyber Security Engineer - Annapolis, United States - NSS
Description
Job Description:
Currently seeking a Security Orchestration Automation and Response (SOAR) and Incident Response Quality Control Lead on the DISA GSMO-II program supporting the Cyber Security Service Provider (CSSP) team.
The candidate will have responsibility for the migration and implementation of a SOAR for the DISA CSSP program.They will also support and manage the migration of the existing incident knowledgebase, develop, and implement SOAR use cases, facilitate integration with security tools across the organization and report on effectiveness of the Analyst Collaboration Environment.
This candidate will perform Quality Assurance and Quality Control activities and serve as a technical liaison between DISA Headquarters and the multiple field sites that perform Cyber Security monitoring and incident response.
The QA Lead will audit the analysis associated with individual security incidents to ensure compliance with established processes and procedures, identify opportunities for analysis and process improvement and to identify and report on QA trends to the Government representative.
The QA Lead will notify responsible parties to implement corrective actions following identification of deficiencies. This role will be responsible for reporting performance metrics and QA/QC results.Work location is flexible (must be a DISA CSSP Site) and telework is authorized up to 50%, however approximately 50% of the role is conducted on SIPR.
Travel is limited to 10%.Primary Responsibilities
Basic Qualifications:
Preferred Qualifications:
Lead Cyber Security Engineer professionals in Annapolis
-
George Mikulski PhD
Full Professor
-
Jasper Frazee
Hello, my name is Jasper Frazee and I am a recent graduate of the University of Maryland with a B.S. ...
-
Beverly Biba
Service Catalog Designer