Cybersecurity Incident Response Administrator
Requirements
- High School Diploma or GED
- Must have and maintain a Secret Clearance
- Cybersecurity Certification (such as Certified Information Systems Security Professional (CISSP)/Information Systems Security Engineering Professional (ISSEP)/Security+/Certified Ethical Hacker (CEH)/etc.)
- 10 or more years' experience with Cybersecurity and Incident Response or related areas
- Extensive experience managing Security Information and Event Management (SIEM) systems, including getting relevant data into the SIEM
- Proficiency in creating and managing SIEM dashboards for security event visualization
- Strong ability to monitor and investigate security events and anomalies
- Experience in developing reporting requirements for audits and security controls
- Knowledge of Public Key Infrastructure (PKI) and managing SSL/TLS certificates
- Familiarity with DoD and Army web application security standards and best practices
- Ability to review and respond to Army Cyber Tasking Orders (CTOs)
- Experience coordinating with Cyber Security Service Providers for audit logs and incident response
- Participation in SW Assurance reviews for application audit log validation
- Ability to review and evaluate Information Systems Design Plans and related documents for security compliance
- Bachelor's degree in computer science or equivalent years of experience
- Familiarity with Army enterprise monitoring tools and practices
- Strong analytical and problem-solving skills
- Excellent communication and coordination skills
- Experience with incident response activities
- Knowledge of engineering change proposals and configuration management
- Understanding of Continuity of Operation Plans and Communication Plans
- Experience with security regulations and best industry practices
- Ability to work effectively in a team environment and collaborate with various stakeholders
Benefits & conditions
Qualified candidates are encouraged to review the full job description. Applicants are strongly encouraged to apply even if they do not meet 100% of the listed qualifications.

Final position requirements including education, training, certifications, etc., will be defined by the Government at solicitation release and may differ from what is listed here.

The Senior Cybersecurity Incident Response Administrator will lead the SIEM-based monitoring and incident response activities. This will include detecting and investigating threats, audit reporting, coordinating with cybersecurity providers, and helping ensure compliance with security requirements.

Responsibilities:
- Leads SIEM-based monitoring and incident response activities
- Detects and investigates threats
- Supports audit reporting
- Coordinates with cybersecurity providers
- Helps ensure compliance with Army and DoD security requirements

OSC Edge delivers a total rewards package that we know will attract, engage and retain top talent. Key elements of our package include a competitive base pay and a comprehensive benefits package:

We offer eligible employees an opportunity to enroll in a variety of benefits offerings. Here are just some of our benefits for our US based positions:
- Medical/Dental/Vision
- Life insurance and AD&D
- Flexible Spending
- Accident, Critical Illness and Hospital Indemnity coverage
- 401(k) and ROTH retirement options and company match
- Pet Insurance
- Identity Theft and Fraud Protection coverage