Overview

The Cyber Security Operations Center at Electric Boat is looking for highly motivated individuals to join our team. Cyber threat activity never sleeps and the Security Operations Center is looking for individuals who are actively aware and ready to respond to emerging threats. The Cyber Defense Incident Responder will monitor the network and investigate, analyze, and respond to cyber incidents within the network environment. The Cyber Defense Incident Responder position responsibilities include the following:

Qualifications

Required Qualifications:

• An A.S./B.S. degree in Cybersecurity OR a high school degree and 2 years of equivalent experience in the following areas:
  • Working knowledge of computer networking concepts and protocols, and network security methodologies.
  • Working knowledge of system and application security threats and vulnerabilities.
  • Working knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
  • Working knowledge of Security Information Event Management and Endpoint Detection and Response Tools.
  • Working knowledge of Operating System processes and process trees.
  • Working knowledge of static and dynamic malware analysis.
  • Writing knowledge of packet-level analysis.
• Internal Candidate must be from organizations outside of operations (Casciano/Gabriel)

Preferred Qualifications:

• CompTIA Security , Network , A , or other IT related certifications.
• Familiarity with Nessus (Tenable), IBM Qradar, Carbon Black, and Site Protector.
• Familiarity with cloud service models and cloud incident response methods.
• Familiarity with ethical hacking and penetration testing.
• Familiarity with intrusion detection methodologies and techniques for detecting host and network-based intrusions.
• Familiarity of system administration, network, and operating system hardening techniques.

Skills

Skills & Abilities:

• The ability to read email headers and validate it was received from a legitimate source.
• The ability to parse system events and connect information between multiple systems.
• The ability to identify, capture, contain, and report on various types of malware.
• The ability to categorize types of vulnerabilities and associated attacks.
• The ability to work in a team environment or independent.
• Strong interpersonal skills.
• Proficient with multiple operating systems; to include Windows, Linux, iOS, Android.
• Proficient with basic scripting languages; preferably the ability to read and write PowerShell.
• Proficient with commercial off the shelf application installation and configuration.