Coordinate and implement cyber security response tasks, including:
Performing analysis and documentation
Implementing containment measures (e.g., IP/domain blocks, disabling user accounts per Government direction)
Coordinate with:
Security and Installations Directorate (SI)
Office of Counterintelligence (SIC)
Insider Threat Office (SIII)
Law enforcement and counterintelligence personnel for advanced incident triage
Collaborate with appropriate authorities to produce security incident reports
Categorize security incidents and events
Ensure proper incident reporting, containment, and eradication by coordinating with:
Other contracts
Organizations
Activities and services
De-conflict red/blue team activity with open incidents/events
Ensure full recovery from incidents/events across the NGA enterprise
Build timelines, briefings, documentation, and other products to inform stakeholders of:
Incident response actions
Adversary activities
Blue force (defensive) responses
Log detailed actions and analysis in the authorized ticketing system to enable full reconstruction of events
Generate and update incident reports in:
Joint Incident Management System (JIMS)
Incident Case Management System (ICMS)
Other authorized systems as directed
Develop and execute (with Government approval) custom tools, scripts, and capabilities for data collection and incident response
Perform digital forensics and media analysis on host, server, and network data, including:
Volatile/non-volatile memory
System artifacts
Develop and disseminate indicators of compromise (IOCs) to cybersecurity stakeholders
Provide adversary attribution and perform malware analysis/signature development
Coordinate with CSOC Tier 1 & 2 teams to:
Remediate discrepancies
Provide recommendations to prevent reoccurrence
Bachelor’s degree or 6+ years of cybersecurity experience (CSOS)
Active TS/SCI clearance; ability to obtain polygraph
DoDD 8140.01 and DoD 8570.01-M:
IAT Level II
CSSP Incident Responder
Provide input and coordination for:
Daily CSOC Significant Activity Report
Daily CSOC Operations Update
Weekly CSOC Status Report
Serve as a C-IRT member under Government C-IRT Commander direction
Develop and coordinate courses of action with Government/contract stakeholders
When authorized, execute Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) on NGA networks
Perform malware reverse engineering and digital media analysis
Develop and execute custom scripts, tools, and capabilities (as authorized)
Deliver incident investigation reports within 30 days of C-IRT stand-down, covering:
Full incident lifecycle
Host/network analysis
Recommendations for TTP improvements
Conduct weekly Quality Control reviews of closed Tier 2 CSOC tickets to ensure:
Proper categorization
Thorough documentation
Appropriate notifications
Master’s degree
IAT Level III certification
...coaches and performers far and wide! Independent Lake Camp is on a mission to create the best summer ever for their campers and we need you on board! If... .... Independent Lake Camp attracts campers and counselors from all over the USA and abroad, catering to kids aged...
...using Zoom, email, and online tools Must be 18+ and authorized to work in the U.S. Motivated, reliable, and eager to learn What We... ...Customer Service Jobs Entry-Level Remote Jobs Work From Home Hiring Now Sales & Benefits Advisor No Experience Jobs Customer...
...A Camp Counselor is an important member of our field team. They help create magical and impactful day camps for children ages 5-12 and teens ages 13-17. A Summer Camp Counselor works throughout our summer camp season, which runs May through August. As a Camp Counselor...
...Seasonal Tax Preparer (Potential Long-Term Opportunity) Company: Fiesta Auto Insurance Our Mission: At Fiesta Auto Insurance, we believe... .... All of our Fiesta Auto Insurance offices also offer income tax preparation services. Our team of professionals will ask you...