Cybersecurity Engineer/Defense Operations Lead (Partial Telework)

Mclean Intelligent Workforce
Full-time
Remote

Job Description:



  • Conduct intrusion assessments (red/blue/hunt team activities) to validate compliance and identify exposures with existing defensive cyber operations software, tools, and systems. Identify exploitable vulnerable points and provide remediation recommendations.


  • Collect and keep audit data in order to conduct a technical analysis relating to misuse, penetration, or other incidents.


  • Develop tailored countermeasures to address identified threats and prevent or mitigate potential cyber event impacts to DCSA.


  • This is a partial Telework position


Education and Experience:



  • Bachelor’s Degree in Information Technology, Information Systems Management, or Cybersecurity and 7 years of managerial Computer Network Defense or Cyber Operations experience


Clearance Level:



An Active TS/SCI Clearance





Requirements

Basic Requirements:



  • Knowledge of standard DISA Security Technical Information Guides, NIST SP 800-61, CJCSM 6510.01 B, United States Cyber Command guidelines, and other applicable DoD Cybersecurity and Computer Network Defense policies


  • Develop tailored countermeasures to address identified threats and prevent or mitigate potential cyber event impacts


  • Experience scoping and participating in red/blue testing in order to confirm/tune detection, alerting, and prevention systems


  • Demonstrated experience integrating multiple tools in a cyber defense architecture, getting maximum usage and efficiency from those tools, identifying gaps and recommending solutions to close/secure those gaps.


  • Experience developing and reporting metrics, preferably in a near-real time dashboard or common operating picture.


  • Develop, maintain, and provide a weekly brief that captures all of the cyber events including metrics and trends


  • Be able to maintain TS/SCI clearance and access to required commercial and/or DoD systems including NIPRNet, SIPRNet, and JWICS


  • Liaise with internal and external partners at all levels, government and private sector, in order to benefit the organization and provide for more uniform situational awareness and common defense


  • Lead SOC shift change briefings


  • Correlate warning intelligence and attack sensing and warning (AS&W) data to search for advanced, persistent, and coordinated threats across the enterprise


  • Analyze impact of cyber warning intelligence and AS&W


  • Led a team of 3 or more analysts in a cohesive and collaborative effort to proactively and reactively defend an enterprise network