Cyber Security Operations Specialist - CSOC Tier 2

Cyber Security Operations Specialist – CSOC Tier 2

TS/SCI clearance with ability to obtain a CI Poly within 6 months
BA/BS Degree or equivalent experience
Minimum 4 years of related work experience
Certification compliant with DoD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Analyst Certification
Must be a US Citizen
Ability to work 1 or more of 5 work shifts

Coordinates and implements tasks, performs analysis, and builds/documents response activities required during cyber security incident response
Coordinates with Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), and other personnel for advanced investigation and triage of incidents
Collaborates with authorities in the production of security incident reports
Categorizes incidents and events
Coordinates with other contracts and organizations to ensure incidents are properly reported, contained, and eradicated
Builds timelines, documents, briefings, and other products to inform stakeholders of incident response actions
Documents actions taken and analysis in the authorized ticketing system
Develops and updates reports in the Joint Incident Management System (JIMS) and Incident Case Management System (ICMS)
Develops, maintains, and executes custom scripts, tools, and capabilities to collect and analyze data
Performs digital media analysis on host, server, and network data
Develops and identifies indicators of compromise
Provides adversary attribution
Performs malware analysis and signature development
Provides input to develop and deliver daily and weekly reports
Serves as C-IRT member and takes direction from the Government C-IRT Commander
Develops and coordinates courses of action with stakeholders
Conducts Quality Control reviews of closed CSOC Tier 2 tickets