Incident Manager - Level 1 | Deskside Technician

at Abbtech Professional Resources
Location Arlington, VA
Date Posted January 8, 2022
Category Default
Job Type Full-time

Description


Incident Manager - Level 1

Location: Arlington, VA

Clearance: Top Secret/SCI Eligibility

Seeking a Cyber Incident Manager to support this critical customer mission.

Responsibilities:

  • Monitoring external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat condition and determining which security issues may have an impact on the enterprise
  • Identifying the cause of an incident and recognizing the key elements to ask external entities when learning the background and potential infection vector of an incident
  • Receiving and analyzing network alerts from various sources within the enterprise and determining possible causes of such alerts
  • Tracking and documenting Computer Network Defense (CND) incidents from initial detection through final resolution
  • Working with other components within the organization to obtain and coordinate information pertaining to ongoing incidents.

Required Skills:

  • U.S. Citizenship
  • Must have an active TS/SCI clearance
  • Must be able to obtain DHS Suitability
  • 1+ years of directly relevant experience in cyber incident management or cybersecurity operations
  • Knowledge of incident response and handling methodologies
  • Knowledge of the NCCIC National Cyber Incident Scoring System in order to prioritize the triage of incidents
  • Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
  • Skill in recognizing and categorizing types of vulnerabilities and associated attacks
  • Knowledge of basic system administration and operating system hardening techniques
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation-state sponsored], and third generation [nation-state sponsored])
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
  • Must be able to work collaboratively across physical locations.

Desired Skills:

  • Knowledge of basic system administration and operating system hardening techniques
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation-state sponsored], and third generation [nation-state sponsored])
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

Required Education:

  • BS in Incident Management, Operations Management, Cybersecurity or a related degree. Two years of related work experience may be substituted for each year of degree-level education.

Desired Certifications: GCIH, GCFA, GISP, GCED, CCFP or CISSP

ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans
