AbleVets

  • CND Incident Responder

    Job Locations US-SC
    Job ID 2018-2079
  • Overview

    AbleVets, LLC is a fast-growing Service Disabled Veteran Owned Small Business (SDVOSB) providing healthcare information technology services and resources to help the Veterans Affairs (VA) and Department of Defense (DoD) improve the lives of the people they serve. AbleVets has an opportunity for an experienced, motivated CND Incident Responder. The position is located on-site at the customer’s facility in South Carolina.

    Essential Functions and Job Responsibilities

    The CND-Incident Response Analyst will identify, isolate, investigate, inform, and implement measures to detect and protect data across a wide spectrum of source types and locations. The CND-Incident Response Analyst is required to validate suspicious events or reports and determine if the event constitutes an incident. The CND-Incident Response Analyst will ensure incidents are properly entered into the appropriate automated reporting system and determine the severity of the incident. Reporting and response measures will be taken immediately in order to meet the Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01 reporting requirements. The CND-Incident Response Analyst must have in-depth technical expertise with packet analysis, system log analysis, SNORT / Suricata / BRO development and implementation. Responsibilities include but are not limited to:

    • Ensure associated documentation and capabilities remain compliant with CJCSM 6510.01A and other applicable policy directives.
    • Provide network intrusion detection and monitoring, correlation analysis, incident response and support for the Network Security Operations Center (NSOC) and its subscriber sites.
    • Validate suspicious events or reports and determine if the event constitutes an incident and properly enter associated data into the appropriate automated reporting systems.
    • Provide coordination of significant incidents with CYBERCOM and supported entities to ensure proper analysis is performed and timely and accurate reporting of the incident is affected.
    • Provide, develop, and maintain a forensic capability to enhance response to, support of, and investigation into significant network incidents in order to provide a clearer view of the exploits, vulnerabilities, and TTP used to cause the incident.
    • Provide support for the NSOC’s Incident Response 24x7 support capability during non-core business hours consistent with CNDSP requirements as needed.
    • Participate in program reviews, product evaluations, and onsite certification evaluations.

    Qualifications

    • Bachelor’s degree in Computer Science, Information Systems, or other related scientific or technical discipline with a minimum of six (6) years of related experience. An additional six (6) years of experience may be substituted for education requirement.
      To qualify based on your experience, your resume must describe at least 6 years of information technology experience and a minimum of 2-3 years of network security analysis using various IDS/IPS systems.
    • Active Secret clearance, upgradable to Top Secret/SCI Clearance Required
    • 8570.01-M CND Incident Responder Category IAT I, II or III Certification Required
    • Excellent oral and written communications skills.
    • Familiarity with CJCSM 6510.01.
    • The ability to compile and maintain an internal standard operating procedure (SOP) documentation.
    • Experience with Splunk, Flow Analysis Tools, IDS/IPS, etc.
    • In-depth technical expertise with packet analysis, SNORT / Suricata / BRO development, and implementation.
    • Technical experience in reviewing and understanding systems logs to include Sysmon logs.
    • Familiarity with Linux at the CLI level and conducting analysis at the packet level.
    • The ability to ingest adversarial tactics, techniques, and procedures in order to remain flexible and functional.
    • Additional Information: Due to the nature of the work required, operations are conducted 24/7/365 with three primary shifts. Choice of shifts will be made available with the understanding that placement is at the discretion of the CND Services Director and/or assigned manager.
    • Competency in the following areas:
      • Knowledge of Information Technology
      • Knowledge of Incident Response Procedures
      • Knowledge of Digital Forensics
      • Knowledge of Packet Analysis
      • Knowledge of System Log Analysis (Windows and Linux)
      • Logical thinking and analytical ability
      • The ability to solve problems independently
      • Verbal and written communication ability
      • Sound decision-making ability

     

    EEO Statement

    AbleVets LLC appreciates your interest in our company as a place of employment.  We are proud to be an equal opportunity/affirmative action employer and are committed to hiring and retaining a diverse workforce.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability, veteran status, or any other protected class.  AbleVets is a VEVRAA Federal Contractor.  

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed