Date Posted: November 17, 2020
ECS is seeking a Cybersecurity Ops Analyst Senior-Incident Response to work in our Washington, DC office. Please Note: This position is contingent upon contract award.
The candidate will perform incident response duties within the Enterprise Security Operation Center. They will work alongside customer employees to react to pending, discovered, or actual incidents to immediately remediate the threat, communicate with stakeholders according to the incident threat checklist, and document findings within After Action Reports, logging the incident and providing learned intelligence gathered throughout the incident's lifecycle. The candidate will work with specialized cybersecurity professionals who perform intelligence/threat-based security assessments on critical systems, major applications, and networks to identify security risks and brief system owners on the potential impacts of those risks to their mission. Candidates should be able to apply and understand a wide range of technical principles, theories and concepts.
- Bachelor's degree in Cybersecurity or Information Technology or equivalent practical implementation experience
- Must have a Top-Secret Clearance with SCI Eligibility
- Experience with cybersecurity incident response and assessments
- Assist in systems security analysis and assessments, including identifying risk criticalities and handling options, to inform decision making
- Assist in systems security and cybersecurity strategy development, system testing and evaluation, and verification and validation efforts
- Experience analyzing PCAP data
- Must demonstrate expert knowledge in Incident Response and one or more of the following areas: Threat Hunting, Digital Forensics, Monitoring and Detection, Cyber Intelligence Analysis, Data Loss Prevention
- Investigate information security incidents to determine the extent of compromise to information and automated information systems; must be familiar with notable event triage, host forensics, and network analysis
- Respond to escalated notable events from security tooling to develop/execute security controls and defenses/countermeasures to prevent internal or external attacks or attempts to infiltrate company email, data, and web-based systems
- Research attempted or successful efforts to compromise systems security and design countermeasures. Stay educated on the latest trends, techniques, tactics and procedures
- Experience with vulnerability management
- Experience working in a Security Operations Center (SOC) Environment
- Analyze potential attack vectors, loss conditions and unacceptable loss consequences and propose mitigation approaches
- Extensive knowledge and understanding of complex network environments.
- Experience with Python
- Research and develop unique, cutting-edge technical capabilities and processes for understanding, assessing, and analyzing system and technology resilience and security
- Create, modify or assist with authoring scripts to automate repetitive tasks, freeing up time to focus on advanced investigations and other projects
- Provide technical solutions to a wide range of difficult problems
- Independently determine and develop an approach to solve problems
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.