Computer Network Defense Incident Response Support
ESSENTIAL JOB DUTIES AND RESPONSIBILITIES
This job requires a U.S. Top Secret Security Clearance with Sensitive Compartmented Information (SCI) access and a Counter Intelligence (CI) Polygraph. Analyzes system requirements and coordinates design and development activities.
- Perform computer network defense (CND) incident triage, to include determining urgency and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
- Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
- Perform real-time computer network defense (CND) incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, and track and document computer network defense (CND) incidents from initial detection through final resolution.
- Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness)
- Collect intrusion artifacts (e.g., source code, malware, and Trojans) and use discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise.
Minimum Job Requirements:
- Must be U.S. citizen.
- Must be able to travel domestically by auto; must have a driver’s license or be able to obtain a state driver’s license.
- 10 years of recent (since 2004) work experience in incident response.
- 4-year degree in computer science.
- IAM level III certification with documented additional education, specialization or certification in one of the following government provided items:
  - Acunetix, Adobe, Armitage Cobalt Strike, FireEye, Fluke Networks AirMagnet, F-Response, EnCase Guidance Software, Hex-Rays IDA Pro, IBM, McAfee Advanced Threat Defense, NetworkMiner Pro, Palo Alto, Burp Suite Professional, Metasploit Rapid7, RedSeal, Splunk, VMware, DomainTools, VirusTotal, and Microsoft Products.
- Provide Python programming, PowerShell programming, and script development.
Cubic is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer. We are committed to ensuring a workplace free of discrimination based on race, color, religion, age, disability, genetic information, sex, sexual orientation, gender identity, national origin, military or veteran status, and any other basis protected by applicable law.
Please note if applying for a position in the United States: All Applicants must furnish proof of citizenship or legal authorization to work in the United States at the time of hire, within three (3) working days. We will provide Social Security Administration (SSA), and if necessary the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization. Cubic is a current participant in E-Verify and conducts internal I-9 audits at least once per year.
Global Defense, Transportation Systems
Company Type: Public Company
Company Size: 5,001-10,000