Node.Digital

Cyber Incident Manager / Incident Manager

full-time

Posted on:

Location: Virginia • 🇺🇸 United States

Job Level

Mid-Level, Senior

Tech Stack

Cyber Security, SQL, TypeScript

About the role

  • Support onsite incident response to civilian Government agencies and critical asset owners experiencing cyber-attacks
  • Perform investigations to characterize severity of breaches, develop mitigation plans, and assist with restoration of services
  • Correlate incident data to identify trends in reported incidents
  • Recommend defense-in-depth principles and practices
  • Perform Computer Network Defense incident triage (determine scope, urgency, potential impact)
  • Research and compile known resolution steps or workarounds to enable mitigation
  • Apply cybersecurity concepts to detection and defense of intrusions and conduct cursory log analysis
  • Monitor external data sources to maintain currency of CND threat conditions
  • Identify cause of incidents and determine key elements and potential infection vectors
  • Receive and analyze network alerts from various sources and determine possible causes
  • Track and document CND incidents from initial detection through final resolution and coordinate information across components
  • Provide support during assigned shifts (M-F Day Shift)

Requirements

  • U.S. Citizenship
  • Must have an active TS/SCI clearance
  • Must be able to obtain DHS Suitability
  • 5+ years of directly relevant experience in cyber incident management or cybersecurity operations
  • Knowledge of incident response and handling methodologies
  • Close familiarity with NIST 800-62 (latest revision) and FISMA standards as they pertain to reporting incidents
  • Knowledge of the NCCIC National Cyber Incident Scoring System to prioritize triaging of incidents
  • Knowledge of general attack stages (footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
  • Skill in recognizing and categorizing types of vulnerabilities and associated attacks
  • Knowledge of basic system administration and operating system hardening techniques
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of different operational threat environments (first-, second-, third-generation)
  • Knowledge of system and application security threats and vulnerabilities (buffer overflow, mobile code, cross-site scripting, PL/SQL injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
  • BS in Incident Management, Operations Management, Cybersecurity or related degree (HS Diploma acceptable with 7-9 years incident management or cybersecurity experience)
  • Desired certifications: GCIH, GCFA, GISP, GCED, CCFP, CISSP