What are the responsibilities and job description for the incident response planner with Security Clearance position at ClearanceJobs?
Key Responsibilities
- Assists with difficult cybersecurity questions and requests from the customers.
- Direct sponsor engagement as required to review current and planned requirements for secure infrastructures that require compliance.
- Guide requirements gathering and analysis.
- Leads validation of security control configuration on systems, ensuring all systems are configured to the necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
- Articulates privacy requirements into product life-cycle including definition, requirements analysis, synthesis, cyber engineering analysis and implementation.
- Conducts privacy impact analyses, identifies areas needing improvement, and recommends necessary enhancements to achieve privacy goals.
- Reviews modifications to critical information systems and directs implementation of configuration changes.
- Mentors lower-level cybersecurity and IT professionals across the enterprise.
- Develop and implement incident response plans and procedures, ensuring a swift and effective response to security incidents or breaches.
- Coordinate incident investigations, containment, and recovery efforts as needed.
- In-depth knowledge of incident response protocols and remediation techniques.
- Plan and conduct incident response exercises to include table tops, simulations, and actual disruptions.
- Incident investigation and response experience, including the ability to work with IR stakeholders to gather required information for reporting.
- Submit all required IR reports to governing bodies within parameters set by law, regulation, contract, or policy.
- Consult with various partners, publications, websites, news sources, and cyber forums to provide daily updates on threats relative to our environments.
- Communicate threats and risks to stakeholders outside of the cybersecurity department.
- Observe and document events as they unfold during exercises and incidents to facilitate lessons learned sessions.
- Deep knowledge of the current threat landscape, including knowledge of malware operation and indicators.
- Practical knowledge of security applications and technologies, as well as operating system platforms including Windows, Mac, Linux, and Networking technologies.
- Knowledge of application and infrastructure vulnerability scanning tools (e.g., Rapid7, Nessus, Qualys, Fortify, etc.) in complex or large organizations.
- Technical background to understand the characteristics and exploitation vectors for vulnerabilities being reported.
- Strong knowledge of Splunk, Tenable Nessus, APIs, Excel and Power BI Platform for data analytics.
- Experience with advanced Excel data manipulation and analysis including pivot tables, light macros, intermediate formulas.
- Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership.
- Sound knowledge of common infrastructure vulnerability categorizations such as CVE, CVSS, and/or CWE.
- Deep understanding of cybersecurity best practices and frameworks such as NIST 800-53/171, CMMC, RMF, MITRE ATT&CK Framework, and OWASP Top 10.
- Incident management expertise with ability to translate technical risks for business leaders.
- Excellent written and verbal communication skills.
- One or more basic cybersecurity certifications such as: Security+, CEH, CND, CySA+, CCNA-Security or equivalent.
- Active Secret Clearance.
- Master’s degree.
- 5 years of experience in incident response.
- 9 years of experience in vulnerability management.
- Experience leading or managing an Incident Response Program.
- One or more advanced cybersecurity certifications such as: CISSP, CISM, CRISC, CISA, CASP, GEVA, CCNP-Security or equivalent.