Sr. Cyber Defense Incident Responder

QUALIFICATIONS:

• 6 years of experience in conducting incident handling/response, cyber threat hunting, Computer forensics, Cyber Network Defense and Analysis
• Bachelor’s Degree or Higher in Cybersecurity, Computer Science or related field
• IAT III 8140 Certification
• GIAC Certified Forensic Analyst (GCFA)
• Security Clearance: Top Secret/SCI with potential for higher read-ins 
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
• Knowledge of cybersecurity principles.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of specific operational impacts of cybersecurity lapses.
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of cyber defense and vulnerability assessment tools, including open-source tools, and their capabilities.
• Ability to interpret and incorporate data from multiple tool sources.
• Knowledge of computer networking concepts and protocols, and network security methodologies
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies.
• Knowledge of Palo Alto XOAR playbook development.
• Linux Incident response and forensics background.
• Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Knowledge of network traffic analysis methods
• Skilled in deep packet inspection (DPI), anomaly detection, and traffic pattern analysis using tools like Zeek, Wireshark, NetFlow, and PCAP replay environments

Want to learn more about Government Services? Check us out on our platform:

https://www.wwt.com/public-sector

https://www.wwt.com/government-services

Preferred locations: San Antonio, TX and surrounding areas

Certain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $135,000.00 to $155,000.00 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

If you have any questions or concerns about this posting, please email taposting@wwt.com.

#LI-AH1

Qualifications:

This is a full-time direct hire position and you must currently have an active TS/SCI Security Clearance or above.  We are not able to offer visa sponsorship, 1099 status, or work with C2C for this role.

Why WWT?

At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clients.

Founded in 1990, WWT is a global technology solutions provider leading the AI and Digital Revolution. WWT combines the power of strategy, execution and partnership to accelerate digital transformational outcomes for organizations around the globe. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution and integration capabilities.

With over 12,000 employees across WWT and Softchoice and more than 60 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 14 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation and creating a great place to work for all.

Want to work with highly motivated individuals on high-performance teams? Join WWT today!

What is the Government Services Team and why join? 

Our Government Services team provides cleared resources with a global reach to federal civilian, Department of Defense (DoD), and intelligence community markets. We excel at delivering innovative, operationally ready, and cost-effective IT solutions that accelerate the interoperability and resiliency of mission-critical systems.

What will you be doing?

WWT is seeking a Sr Cyber Defense Incident Responder to support the requirements of the 33 Cyber Operations Squadron (33 COS) in efforts to provide incident response on alerts from systems newly aligned to the Air Force Cyber Security Support Provider (CSSP).

LOCATION:  San Antonio, TX (fully on-site at Lackland AFB)

RESPONSIBILITIES:

• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
• Coordinate with enterprise-wide cyber defense staff to validate network alerts.
• Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Identify and analyze anomalies in network traffic using metadata.
• Identify applications and operating systems of a network device based on network traffic.
• Perform cyber defense trend analysis and reporting.
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
• Ability to interpret and incorporate data from multiple tool sources.
• All other duties as defined by CSSP.

Salary : $135,000 - $155,000