Cyber Analyst Incident Response

A Bachelor’s degree and 7 years of technical experience, or 12 years of technical experience in lieu of degree.
Active Secret Clearance.
Minimum of an IAT Level II certification required.

Monitor and track cybersecurity incidents and electronic data spillage events affecting all DHA mission relevant cyber terrain.
Provide status reports to DHA Leadership throughout the lifecycle of an event, from detection to closure, and track and provide historical metrics upon request.
Ability to read, interpret, and implement technical policies and procedures related to information systems and information systems security.
Proficiency with written and oral communication on technical subjects.
Proficiency with general office applications and collaboration tools.
Ability to manage multiple projects simultaneously.
Strong verbal and written communications and interpersonal skills.
A self-starter, needs little direction, ability to work in a dynamic project environment.

IAT/IAM Level III certification is preferred.
Experience with the design, installation, and sustainment of information system hardware and software.
Knowledge of cloud service models and how those models can limit incident response.
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state-sponsored, and nation sponsored).
Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
Knowledge of DoD cybersecurity policies, procedures, and regulations.
Knowledge of incident response and handling methodologies.
Knowledge of network security architecture concepts including topology, protocols, components, and principles.