Sr. Cyber Security Subject Matter Expert with Security Clearance
Quantum Science Solutions
2024-11-07 04:36:58
Arlington, Virginia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Information System Security Analyst - Principal II - SCA06 - Open High Priority Quantum Science Solutions is supporting a U.S. Government customer on a large mission critical development and sustainment program to design, build, deliver, and operate a network operations environment including introducing new cyber capabilities to address emerging threats. QSS is seeking a Sr. Cyber Security Subject Matter Expert (SME) who can support our customer in the detection, response, mitigation, and reporting of cyber threats affecting the client networks. Responsibilities include: - Providing 24 x 7 watch supporting continuous monitoring and incident response for hybrid cloud/ on-prem customer networks - Providing support in the detection, response, mitigation, and reporting of cyber threats affecting customer networks - Producing reports and briefs to provide an accurate depiction of the current threat landscape and associated risk based on customer, community, and open-source reporting - Facilitating the customer's posturing to aggressively investigate cyber activity targeting customer information and its information infrastructure - Analyzing and reporting cyber threats as well as assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions - Providing support during assigned shifts, including nights/weekends, with hybrid work on-site - Developing and implementing training standards and procedures, to include Work Instructions, Joint Qualification Requirements, and Standard Operating Procedures - Oversee the training of newly assigned analysts Required Skills: - Must be a US Citizen - Must have an active Top Secret clearance with an ability to obtain TS/SCI clearance - Must be able to obtain DHS Suitability - 10+ years of directly relevant experience - Must pass internal qualification requirements within specified time constraints - Hands-on experience in a SOC performing the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following: - Experience in computer intrusion analysis and incident response - Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures - Strong experience with Cyber Security Incident Response training - Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology) - Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks - MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK) Desired Skills: - Experience with cloud-based security - Experience in computer evidence seizure, intrusion detection, computer/network forensic analysis, or data recovery - 3+ years' demonstrated (in resume) experience as a SME in intrusion detection and incident response operations - Prior experience with SIEM Technologies (Splunk) - Scripting experience (Linux/Windows command line, Python, Perl, etc.) - Prior experience with data visualization products. Required Certifications: • DoDI 8570.01-M IAT Level II Technical Certification (Security+ CE, CCNA + Security, SSCP, CYSA+) or equivalent AND an Incident Response Certification (CEH, GCIH, GCIA, GNFA, or comparable certification) AND relevant Cloud Security Certification (AWS or Azure) Required Education: BS Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 22 years of incident management experience