Job Details:

• Position: Cyber Security SME
• Location: Dulles, VA (Hybrid)
• Salary: $130k-$155k annually with benefits

Job Description: We are supporting a U.S. Government customer on a large mission-critical development and sustainment program. The role involves designing, building, delivering, and operating a network operations environment, including introducing new cyber capabilities to address emerging threats. We're seeking a Senior Cyber Security Subject Matter Expert (SME) to support our customer in the detection, response, mitigation, and reporting of cyber threats affecting client networks.

Responsibilities include:

• Providing 24 x 7 watch supporting continuous monitoring and incident response for hybrid cloud/on-prem customer networks
• Supporting the detection, response, mitigation, and reporting of cyber threats affecting customer networks
• Producing reports and briefs to provide an accurate depiction of the current threat landscape and associated risk
• Facilitating aggressive investigation of cyber activity targeting customer information and its information infrastructure
• Analyzing and reporting cyber threats, as well as assisting in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
• Providing support during assigned shifts, including nights/weekends, with hybrid work on-site
• Developing and implementing training standards and procedures for newly assigned analysts

Required Skills:

• Must be a U.S. Citizen
• Must have an active Top Secret clearance with the ability to obtain TS/SCI clearance
• Must be able to obtain DHS Suitability
• 10 years of directly relevant experience
• Hands-on experience in a SOC performing the detection, response, mitigation, and/or reporting of cyber threats affecting client networks
• Experience in computer intrusion analysis and incident response
• Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
• Strong experience with Cyber Security Incident Response training
• Current experience with network intrusion detection and response operations
• Current experience with cyber threats and associated tactics, techniques, and procedures used to infiltrate computer networks
• MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)

Desired Skills:

• Experience with cloud-based security
• Experience in computer evidence seizure, intrusion detection, computer/network forensic analysis, or data recovery
• 3 years’ demonstrated experience as a SME in intrusion detection and incident response operations
• Prior experience with SIEM Technologies (Splunk)
• Scripting experience (Linux/Windows command line, Python, Perl, etc.)
• Prior experience with data visualization products

Required Certifications:

• DoDI 8570.01-M IAT Level II Technical Certification (Security CE, CCNA Security, SSCP, CYSA ) or equivalent
• Incident Response Certification (CEH, GCIH, GCIA, GNFA, or comparable certification)
• Relevant Cloud Security Certification (AWS or Azure)

Required Education:

• BS in Incident Management, Operations Management, Cybersecurity, or related degree
• HS Diploma with 22 years of incident management experience

Please let me know if you're interested in this role or if you have any questions. I look forward to hearing from you.

Best regards,