
    CyberDefense Incident Responder - Arlington, United States - Ark Solutions

    Description

    Role: CyberDefense Incident Responder

    Arlington, VA (Hybrid)
    18 months Contract


    The scope of this Task Order is to support Security Operations by providing support for the client's Security Response Team, Insider Threat program and select Vulnerability Assessment and Scanning tasks.


    Education: BS or higher


    Required Skills:


    • 2+ years of investigations work experience involving insider risk investigations, security incident response, technical investigations, intellectual property investigations, and/or financial fraud investigations
    • 3-5+ years of experience in UEBA and/or Splunk Enterprise Security
    • 7+ years of experience in Cyber Security domain
    • Experience thriving in a heavily regulated environment
    • Experience in Splunk content development and Splunk Search Processing Language (SPL)
    • Knowledge of Machine Learning (Client) and how it applies to Insider Risk programs.

    Preferred Skills: Splunk ES/UBA


    Day-to-day Responsibilities:


    • Assist in maturing an Insider Risk Program's operational support, including the development of playbooks and workflows for monitoring against potential insider risks, developing detection use cases, and conducting incident analysis.
    • Implement federal government and industry standards and best practices regarding insider risk programs, including development and maintenance of OCISO programmatic gap analyses and implementation roadmaps.
    • Assist in the creation of Gap Analysis on current tool usage for the Insider Risk program and make recommendations based on industry best practices and client organization.
    • Develop and maintain a convergence model for insider risk mitigation that reduces risk to client's personnel and assets.
    • Develop and improve insider risk modeling that leverages Splunk User Behavior and Entity Analytics (UEBA), Data Loss Prevention (DLP), Splunk Enterprise Security (ES), Microsoft Purview, Machine Learning, and automated solutions in place.

    Expected Deliverables:


    • Develop and improve insider risk modeling that leverages Splunk User Behavior and Entity Analytics (UEBA), Data Loss Prevention (DLP), Splunk Enterprise Security (ES), Microsoft Purview, Machine Learning, and automated solutions in place.
    • Develop and expand situational playbooks that leverage client's automated capabilities.
    • Leverage excellent interpersonal skills to coordinate with client's business and technology leaders to develop and maintain programmatic solutions to insider risk.
    • Lead and assist in the investigation of all incidents involving insider risk.


  • Apexon Arlington, United States

    Required Skills: 2+ years of investigations work experience involving insider risk investigations, security incident response, technical investigations, intellectual property investigations, and/or financial fraud investigations · 3-5+ years of experience in UEBA and/or Splunk ...


  • Apexon Arlington, United States

    About Apexon: · Apexon is a digital-first technology services firm specializing in accelerating business transformation and delivering human-centric digital experiences. We have been meeting customers wherever they are in the digital lifecycle and helping them outperform their co ...


  • Nasscomm, Inc. Arlington, United States

    2+ years of investigations work experience involving insider risk investigations, security incident response, technical investigations, intellectual property investigations, and/or financial fraud investigations · 3-5+ years of experience in UEBA and/or Splunk Enterprise Security ...


  • Apexon Arlington, United States

    **Location · - Arlington, VA - Hybrid** · **Position - 1** · **Rate: Market** · **W2 and US citizens only** · **Required Skills**: · - 2+ years of investigations work experience involving insider risk investigations, security incident response, technical investigations, intellect ...


  • Nodel Arlington, United States Permanent

    Cyber Security Incident Responder/ Information System Security Analyst · Location: Arlington, VA · Must have Top Secret Security Clearance · Node is supporting a U.S. Government customer on a large mission-development and sustainment program to design, build, deliver, and opera ...


  • ARK Solutions, Inc. Arlington, United States

    Role Title: CyberDefense Incident Responder · Location: Arlington, VA (Hybrid) · Duration: 18+ months Contract · Job Description: · The scope of this Task Order is to support Security Operations by providing support for the client's Security Response Team, Insider Threat program ...


  • Bespoke Corps LLC Washington, United States

    **Position**: · Cybersecurity Service Provider/Incident Response (CSSP/IR) Analyst · **Position Identifier**: · ARLI-CSSP/IR-001 · **Position Description**: · **Demonstrated Experience (Minimum 3 years)**: · - Knowledge of Advanced Persistent Threats (APT), network attack pattern ...


  • Jacobs Arlington, United States

    Your Impact: · At Jacobs, we are dedicated to pushing the boundaries of innovation and delivering exceptional solutions to our clients. As a leader in our industry, we recognize the critical importance of synergies between cybersecurity, infrastructure, data, applications, and cl ...


  • ASRC Federal Holding Company Quantico, United States

    **JOB DESCRIPTION**: · Analysis reports, forensics investigations, trend reports. Analysis reports are conducted daily, covering the Security Information and Event Manager (SIEM), end point security, network access control, and vulnerability scanners, threat hunt operations. Anal ...


  • Peraton Arlington, United States Full time

    Responsibilities · Peraton is currently seeking an experienced Incident Response Analyst with OT/ICS/SCADA experience for its Federal Strategic Cyber program in Arlington, VA. · Location: On-site role in Arlington, VA. Ideal candidate needs to be amenable to travel, approximate ...


  • Bluehawk, LLC Arlington, United States

    Overview · BLUEHAWK, LLC is a professional services firm providing intelligence, information technology, language, and training services to the . Government and commercial entities with objectives to protect and defend our nation, citizens, natural resources, critical Infrastruc ...


  • Ashoka Arlington, United States

    Position Summary · Ashoka is looking to add a Security Administrator to our technology team supporting operations around the world. The Security Administrator is responsible for deploying, monitoring, and maintaining security infrastructure, analyzing and responding to threats, ...

  • VHC Health

    Security Officer

    3 weeks ago


    VHC Health Arlington, United States Full time

    Description · Purpose & Scope: · Patrols Virginia Hospital Center facilities and property to maintain order, protect personnel, and prevent fire, theft, vandalism, illegal entry, etc. Enforces Virginia Hospital Center policies and provides assistance to patients, visitors, and e ...


  • Peraton Arlington, United States Full time

    Responsibilities · As the nation's risk adviser, we (CISA) help our partners strengthen their own capabilities and connect our stakeholders in industry and government to each other and to resources, analyses, and tools to help them build their own cyber, communications, and physi ...


  • Advantage SCI Arlington, United States Full time

    Position Title: Special Security Representative · Reports To: Program Manager · Clearance Type: Active Top Secret/SCI · Work Location: National Capital Region · Job Description: · Advantage SCI, LLC is accepting applications for Special Security Representatives to be considered f ...


  • Zachary Piper Solutions Arlington, United States

    The DHS's Hunt and Incident Response Team (HIRT) secures the Nation's cyber and communications infrastructure. HIRT provides DHS's front-line response for cyber incidents and proactively hunting for malicious cyber activity. Zachary Piper Solutions, as a prime contractor to DHS, ...


  • Fusion Technology Arlington, United States Contracted

    Who are you? · Trusted Employee: The Government trusts you and so do we. You possess an active Top Secret security clearance. You must also be able to obtain Department of Homeland Security (DHS) suitability. · Threat Expert: You have experience with proper evidence handling pr ...


  • BCMC, LLC Arlington, United States Full time

    The Computer Network Defense Analyst uses information collected from a variety of sources to monitor network activity and analyze it for evidence of suspicious behavior. Monitoring and analysis are performed to identify and report events that occur, or might occur, within the net ...


  • ICF Arlington, United States Full time

    @ ICF Next, we are fearless in finding new ways to solve problems, relentless in making sure it pays off for our clients and committed to making a positive change in the world. · Here's your chance to join our award-winning agency, ICF Next. We're changemakers, a community of mis ...


  • AAA Security Guard Services, LLC Arlington, United States Full time

    Benefits:Competitive salary · Opportunity for advancement · Training & development · Job Summary · We are seeking a professional Security Officer Armed/Unarmed to join our team. In this role, your primary responsibility will be to create a safe and secure environment. You will pr ...