Cybersecurity Specialist with Security Clearance
Description SAIC has an opportunity for a Cyber Incident Response Team analyst to support the US Army Corps of Engineers Revolutionary IT Services (USACE RITS) programThis position will be 100% remote and can be performed anywhere in the United StatesThe USACE RITS contract will provide modern and secure enterprise-wide IT support services to approximately 37,000 USACE customers located throughout the CONUS and OCONUSServices will support the mission needs of USACE's Headquarters (HQs) located in Washington, D.C., nine Divisions and 43 Districts, to include over 1,500 field and area project offices and two data centers that are currently located in Vicksburg, Mississippi, and Hillsboro, OregonThe ideal candidate will be the point of contact for monitoring agency networking environments, including cloud, DMZs and secure LANs, as required by the USACE OCIO/G-6The service shall also support connectivity to extranets and the internetMajor duties with monitoring include:
o Providing analysis and monitoring for all systems and environments to ensure the availability, integrity, and confidentiality of the data processed, stored, and transmitted via a centralized support monitoring serviceAnalysis and monitoring shall be automated to the maximum extent possible.o Providing Intrusion Detection System/Intrusion Prevention System (IDS/IPS) support:
o Implementing, administering, and maintaining threat sensors based on current threat directives and recommendations.o Developing, testing, and distributing threat sensor baseline signatures.o Developing IDS/IPS test plans, operational procedures, and maintenance plans.o Providing host-based intrusion detection monitoring and prevention on all devices, including those supporting Host-Based Security Systems (HBSSs).o Providing data feeds from all intrusion detection and prevention modules for incorporation into the Enterprise Security Incident Management System, for CorpsNet, cloud, DMZ, and SIPR in accordance with classification guidance.o Providing continuous monitoring of malware protection and detection mechanisms.o Providing administrator access to the designated Government POCs as required.o Providing active monitoring of the operational status, health, and performance of the monitoring tools and devices.o Actively monitoring vendor feeds, Army feeds, tippers, OPORDS, sensor grids, and intelligence feeds for new signature information.o Analyzing the information provided and providing recommendations for inclusion into the CorpsNet, and SIPRNet environments, while maintaining the classification of information.o Providing performance measurements, logs, and information feeds from the security monitoring systems (e.g., HBSS and IPS).o Maintaining access to current network architecture diagrams per DISA standards showing placement of sensors (e.g.,IDS/IPS, Routers, Netflow/PCAP systems, firewall, etc.).o Reporting on access to assets, including, but not limited to, network and host-based sensors for CorpsNet, CorpsNet extended network (JRSS and cloud), and SIPRNet.o Integrating and correlating data from USACE systems, servers, services, SIEM, and end points to measure, monitor, remediate, and remove threats to the environment in accordance with USACE OCIO/G-6 directivesMajor incident response duties include:
0Responding to alerts and violations identified, in accordance with cyber policy and incident response plans, as part of the SIEM
Qualifications Education:
o Bachelors and two (2) years or more experience; additional four (4) years experience in lieu of degree
Experience:
o Identifying incident threat level and nature based on the received alert or violation.o Identifying root cause, source, and methodology used to properly categorize the incident.o Providing AR 380-53 Network Damage Assessment, if necessary.o Gathering host logs from compromised system(s).o Taking corrective action to contain the incident, prevent further spread, and protect systems.o Providing forensically sound evidence collection and capabilities.o Eradicating the malicious event from infected hosts/network as directed by USACE OCIO/G-6.o Providing cyber clean-up as required, including the restoration of damaged data.o Recommending mitigating actions to prevent future infections or reinfection.o Configuring and fine-tuning detection/prevention capabilities.o Providing cyber After Action Reports (AARs), including lessons learned and final network damage assessment as identified by USACE OCIO/G-6.o Providing analysis, correlation, and trending of anomalous events and incidents.o Supporting incident response team deployment to USACE OCIO/G-6 locations.o Coordinating and sharing data with other Federal agencies and DoD commands as directed by USACE OCIO/G-6.o Providing analysis and reverse engineering of cyber threats.o Implementing mitigation measures in response to general or specific threats on the respective networks in accordance with USACE OCIO/G-6 directivesCERTIFICATION REQUIRED:
Must have at least one of the followingo CEH - Certified Ethical Hackero CySA
- Cybersecurity Analyst Pluso GICSP - GIAC Global Industrial Cyber Security Professionalo SSCP - Systems Security Certified Practitionero CFR - CyberSec First Responder CLEARANCE REQUIREMENT:
o Must have an Interim Secret clearance with ability to obtain and maintain a Secret clearanceTarget salary range:
$75,001 - $100,000The estimate displayed represents the typical salary range for this position based on experience and other factorsSAIC accepts applications on an ongoing basis and there is no deadlineCovid Policy:
SAIC does not require COVID-19 vaccinations or boostersCustomer site vaccination requirements must be followed when work is performed at a customer site. Recommended Skills Certified Ethical Hacker Computer Security Confidentiality Corrective And Preventive Action (Capa) Criminal Investigation Firewalls (Computer Science) Apply to this job. Think you're the perfect candidate? Apply on company site $('.external-apply-email-saved').on('click', function (event) window.ExternalApply = window.open('/interstitial?jobdid=j3v19p6qbs4gspl8lv0', 'ExternalApply-j3v19p6qbs4gspl8lv0'); ); $(document).ready( function() $(#ads-desktop-placeholder).html(
n
n
n Estimated Salary: $20 to $28 per hour based on qualifications.
o Providing analysis and monitoring for all systems and environments to ensure the availability, integrity, and confidentiality of the data processed, stored, and transmitted via a centralized support monitoring serviceAnalysis and monitoring shall be automated to the maximum extent possible.o Providing Intrusion Detection System/Intrusion Prevention System (IDS/IPS) support:
o Implementing, administering, and maintaining threat sensors based on current threat directives and recommendations.o Developing, testing, and distributing threat sensor baseline signatures.o Developing IDS/IPS test plans, operational procedures, and maintenance plans.o Providing host-based intrusion detection monitoring and prevention on all devices, including those supporting Host-Based Security Systems (HBSSs).o Providing data feeds from all intrusion detection and prevention modules for incorporation into the Enterprise Security Incident Management System, for CorpsNet, cloud, DMZ, and SIPR in accordance with classification guidance.o Providing continuous monitoring of malware protection and detection mechanisms.o Providing administrator access to the designated Government POCs as required.o Providing active monitoring of the operational status, health, and performance of the monitoring tools and devices.o Actively monitoring vendor feeds, Army feeds, tippers, OPORDS, sensor grids, and intelligence feeds for new signature information.o Analyzing the information provided and providing recommendations for inclusion into the CorpsNet, and SIPRNet environments, while maintaining the classification of information.o Providing performance measurements, logs, and information feeds from the security monitoring systems (e.g., HBSS and IPS).o Maintaining access to current network architecture diagrams per DISA standards showing placement of sensors (e.g.,IDS/IPS, Routers, Netflow/PCAP systems, firewall, etc.).o Reporting on access to assets, including, but not limited to, network and host-based sensors for CorpsNet, CorpsNet extended network (JRSS and cloud), and SIPRNet.o Integrating and correlating data from USACE systems, servers, services, SIEM, and end points to measure, monitor, remediate, and remove threats to the environment in accordance with USACE OCIO/G-6 directivesMajor incident response duties include:
0Responding to alerts and violations identified, in accordance with cyber policy and incident response plans, as part of the SIEM
Qualifications Education:
o Bachelors and two (2) years or more experience; additional four (4) years experience in lieu of degree
Experience:
o Identifying incident threat level and nature based on the received alert or violation.o Identifying root cause, source, and methodology used to properly categorize the incident.o Providing AR 380-53 Network Damage Assessment, if necessary.o Gathering host logs from compromised system(s).o Taking corrective action to contain the incident, prevent further spread, and protect systems.o Providing forensically sound evidence collection and capabilities.o Eradicating the malicious event from infected hosts/network as directed by USACE OCIO/G-6.o Providing cyber clean-up as required, including the restoration of damaged data.o Recommending mitigating actions to prevent future infections or reinfection.o Configuring and fine-tuning detection/prevention capabilities.o Providing cyber After Action Reports (AARs), including lessons learned and final network damage assessment as identified by USACE OCIO/G-6.o Providing analysis, correlation, and trending of anomalous events and incidents.o Supporting incident response team deployment to USACE OCIO/G-6 locations.o Coordinating and sharing data with other Federal agencies and DoD commands as directed by USACE OCIO/G-6.o Providing analysis and reverse engineering of cyber threats.o Implementing mitigation measures in response to general or specific threats on the respective networks in accordance with USACE OCIO/G-6 directivesCERTIFICATION REQUIRED:
Must have at least one of the followingo CEH - Certified Ethical Hackero CySA
- Cybersecurity Analyst Pluso GICSP - GIAC Global Industrial Cyber Security Professionalo SSCP - Systems Security Certified Practitionero CFR - CyberSec First Responder CLEARANCE REQUIREMENT:
o Must have an Interim Secret clearance with ability to obtain and maintain a Secret clearanceTarget salary range:
$75,001 - $100,000The estimate displayed represents the typical salary range for this position based on experience and other factorsSAIC accepts applications on an ongoing basis and there is no deadlineCovid Policy:
SAIC does not require COVID-19 vaccinations or boostersCustomer site vaccination requirements must be followed when work is performed at a customer site. Recommended Skills Certified Ethical Hacker Computer Security Confidentiality Corrective And Preventive Action (Capa) Criminal Investigation Firewalls (Computer Science) Apply to this job. Think you're the perfect candidate? Apply on company site $('.external-apply-email-saved').on('click', function (event) window.ExternalApply = window.open('/interstitial?jobdid=j3v19p6qbs4gspl8lv0', 'ExternalApply-j3v19p6qbs4gspl8lv0'); ); $(document).ready( function() $(#ads-desktop-placeholder).html(
n
n
n Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
