
Cyber SOC Incident Detector – Night Shift

Company: General Dynamics
Location: Washington, DC, USA; Colorado Springs, CO, USA
Salary: $133,369 – $180,441
Type: Full-Time
Degrees: not specified
Experience Level: Senior

Requirements

  • Cyber Defense
  • Cybersecurity
  • MITRE ATT&CK Framework
  • Threat Detection
  • 6+ years of related experience
  • US Citizenship Required
  • DoD Approved Baseline 8570/8140 IAT Level II (Sec+, CySA+, CND, or CCNA-Security) certification required prior to start date
  • DoD Approved Baseline 8570/8140 CSSP Analyst (CEH, CySA, or CFR) certification required prior to start date
  • GIAC Continuous Monitoring (GMON) or equivalent certification required within first 120 days of employment
  • Splunk Core Certified User certification required within first 120 days of employment
  • Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph

Responsibilities

  • Perform forensic analysis of digital information; gather and handle evidence
  • Identify evidence of network and computer intrusions and their perpetrators, and coordinate with other government agencies to record and report incidents
  • Take the lead in day-to-day monitoring for unusual activity, implement defensive protocols, and report incidents
  • Perform forensic analysis of digital information and Open-Source Intelligence (OSINT) review/monitoring using both customer-provided and open-source tools, and pivot on and research previously reported Indicators of Compromise (IOCs)
  • Participate in collaborative sessions with other CNDSPs and Intelligence Community (IC) agencies on malicious intrusions, attacks, or suspicious activity, and share emerging cyber threat intelligence
  • Assist in developing IOCs for active defensive countermeasures and passive detection signatures

Preferred Qualifications

  • Working knowledge of standard network infrastructure
  • Familiarity with domain masquerading, certificates, and file hashing is also useful
  • Familiar with monitoring emerging threats through Tactics, Techniques, and Procedures (TTPs) and how they map to the MITRE ATT&CK Framework
  • Good written communication skills are necessary to properly document, report, and share newly identified IOCs
  • Meticulous eye for detail and an ability to multitask in a fast-paced environment
  • Maintain knowledge of current cybercrime tactics
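
Two of the knowledge items named above, domain masquerading and file hashing, in working form, as an added example that is not part of the job posting or of any General Dynamics tooling: a lookalike-domain classifier (brand used as a subdomain of another domain, ASCII homoglyphs, punycode labels, typosquats) plus SHA-256 IOC matching. The protected-domain list, observed hostnames, file contents, IOC hash, homoglyph table and the 0.85 similarity threshold are all assumptions constructed for the example.

```python
"""Added example (not from the job posting): lookalike-domain detection and
file-hash IOC matching over constructed sample data."""
import hashlib
from difflib import SequenceMatcher

# Constructed watchlist of domains the SOC protects (assumption for the example).
PROTECTED_DOMAINS = ["generaldynamics.com", "microsoft.com"]

# ASCII look-alike substitutions seen in registered look-alike domains.
# Two-character pairs are folded first so "rn" becomes "m" before "1" becomes "l".
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]

# Typosquat threshold on difflib's similarity ratio; tune against your own false-positive rate.
TYPOSQUAT_RATIO = 0.85


def registrable_domain(fqdn: str) -> str:
    """Return the last two labels of a hostname.

    Simplification: production code should use the Public Suffix List so that
    names such as example.co.uk are handled correctly (this version returns co.uk).
    """
    labels = fqdn.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def fold_homoglyphs(name: str) -> str:
    """Collapse common ASCII homoglyphs so rnicrosoft.com compares equal to microsoft.com."""
    out = name.lower()
    for src, dst in HOMOGLYPHS:
        out = out.replace(src, dst)
    return out


def classify_domain(fqdn: str, protected=PROTECTED_DOMAINS):
    """Classify an observed hostname against the protected list.

    Returns (verdict, matched_protected_domain). Verdicts, in the order tested:
    legitimate, idn, subdomain-masquerade, homoglyph, typosquat, unrelated.
    """
    fqdn = fqdn.lower().rstrip(".")
    reg = registrable_domain(fqdn)
    if reg in protected:
        return ("legitimate", reg)
    # Punycode labels carry the Unicode confusables the ASCII fold cannot see;
    # surface them for analyst review rather than decoding them here.
    if any(label.startswith("xn--") for label in fqdn.split(".")):
        return ("idn", None)
    for good in protected:
        # Brand used as a subdomain of an attacker-controlled domain,
        # e.g. microsoft.com.login-portal.net
        if f".{good}." in f".{fqdn}.":
            return ("subdomain-masquerade", good)
        if fold_homoglyphs(reg) == good:
            return ("homoglyph", good)
        if SequenceMatcher(None, reg, good).ratio() >= TYPOSQUAT_RATIO:
            return ("typosquat", good)
    return ("unrelated", None)


def sha256_hex(data: bytes) -> str:
    """SHA-256 of a file's bytes as lower-case hex, the form most IOC feeds publish."""
    return hashlib.sha256(data).hexdigest()


def match_hash_iocs(samples: dict, ioc_hashes) -> list:
    """Return the names of samples whose SHA-256 appears in the IOC set.

    Matching is exact: one changed byte yields a different hash, which is why
    hash IOCs are paired with behavioural signatures in practice.
    """
    normalized = {h.lower() for h in ioc_hashes}  # feeds mix upper- and lower-case hex
    return sorted(name for name, data in samples.items() if sha256_hex(data) in normalized)


# Constructed sample data for a stand-alone run (the xn-- label is not real punycode).
OBSERVED_HOSTS = [
    "mail.microsoft.com",
    "rnicrosoft.com",
    "microsft.com",
    "microsoft.com.login-portal.net",
    "generaldynarnics.com",
    "xn--micrsoft-example.com",
    "example.org",
]
SAMPLE_FILES = {
    "invoice.pdf.exe": b"MZ constructed malicious sample",
    "report.docx": b"PK constructed benign document",
}
# The IOC entry is derived from the constructed sample so the example matches offline.
IOC_HASHES = {sha256_hex(b"MZ constructed malicious sample").upper()}

if __name__ == "__main__":
    for host in OBSERVED_HOSTS:
        print(f"{host:35} {classify_domain(host)}")
    print("hash IOC hits:", match_hash_iocs(SAMPLE_FILES, IOC_HASHES))
```

Run it directly to see each constructed hostname classified and the hash hit reported. In a production pipeline the two obvious follow-ups are a Public Suffix List for registrable-domain extraction and a Unicode confusables table for decoded IDN labels; the ASCII fold here only covers the substitutions in the table.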