ASRC Federal Holding Company
Cybersecurity Incident Response Team (CIRT) Lead - Seaside, CA
ASRC Federal Holding Company, California, Missouri, United States, 65018
Job Title:
Cybersecurity Incident Response Team (CIRT) Lead - Seaside, CALocation:
400 GIGLING ROAD, SEASIDE, CA - CA077Functional Group:
Information TechnologyASRC Federal NetCentric Technology seeks a
Cybersecurity Incident Response Team (CIRT) Lead
to support our Cybersecurity Support Services contract with the Defense Manpower Data Center (DMDC). This position performs activities related to the Cyber Incident Response Team (CIRT), the team responsible for containing, responding to, and eradicating threats and other malicious activity. This position helps build and improve cybersecurity incident response capabilities and coordinate or participate in high-priority investigations, identifying incident response improvements, and preparing reports for management.Duties and Responsibilities:Lead and coordinate the organization's response to cyber incidents, ensuring rapid identification, containment, and resolution.Perform technical incident response investigations into cybersecurity related events and incidents.Determine the nature, scope, and cause of incidents including root cause analysis.Act as the primary point of contact for all major security incidents, managing communication with stakeholders, including senior leadership, mission owners, and external partners.Identify corrective actions and aid in the containment, eradication, and recovery of a given event and incident.Track incident response, corrective measures taken, recommendations, and remediation activities; complete incident reports for investigations as needed; provide or contribute to weekly report of events and incidents.Oversee real-time monitoring of security events, and lead the analysis and investigation of potential breaches, threats, and vulnerabilities.Create and maintain incident response SOP in accordance with CJCSM 6510.01B, NIST SP 800-61R2, DoD regulations, and industry best practices.Ensure thorough post-incident analysis to derive lessons learned, identifying gaps and implementing preventive measures.Ensure proper monitoring and logging across the network infrastructure and endpoints to detect and respond to cyber incidents promptly.Provide expert guidance on compliance with cybersecurity directives, ensuring the DoD program meets all required security controls and risk management policies.Provide regular reports to program leadership, DoD officials, and other stakeholders on the status of security incidents, lessons learned, and the effectiveness of response strategies.Lead the continuous improvement of incident response capabilities by identifying areas of weakness, recommending enhancements, and implementing new technologies and processes.Respond to and investigate cyber events should an incident occur after regular business hours.Qualifications and Requirements:Active DoD
Secret clearance
with the ability to obtain and maintain a
Top-Secret Clearance .On-site in Seaside, California.Active DoD 8570 IAT Level II certification or greater, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.Active DoD 8570 CSSP Incident Responder certification a plus, including at least one of the following certifications in good standing: CEH, CFR, CCNA Cyber Ops, CHFI, CySA+, GCFA, GCIH, SCYBER, or PenTest+.Knowledge of Incident Response Handling Procedures (NIST SP 800-61).Familiarity with cyber adversary tactics and frameworks (such as ATT&CK and D3FEND).Bachelor's Degree in computer science or related field.7+ years in Information Technology or Information Security.3+ years in Cybersecurity Incident Response.CIRT lead experience a plus.Benefits:
Comprehensive insurance packages including medical, dental, vision, life insurance, and short term/long term disability, as well as a 401k with generous company match. After 90 days of employment, regular full-time employees can get reimbursed up to $5,250 annually to go towards Associate's, Bachelor's, or Graduate Degrees; Industry standard professional certification; a professional certificate program; continuing education classes; and registration fees to attend professional conferences. 11 paid holidays and 4.62 hours of paid time off per pay period which equates to 3 weeks annually, increasing with tenure. Employee Resource Groups provide opportunities to collaborate and network with colleagues with common interests.We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. This position is offering a pay range of $115,000.00 - $135,000.00 depending on experience, seniority, geographic locations, and other factors permitted by law. Benefits offered may include healthcare, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.EEO Statement:
ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
#J-18808-Ljbffr
Cybersecurity Incident Response Team (CIRT) Lead - Seaside, CALocation:
400 GIGLING ROAD, SEASIDE, CA - CA077Functional Group:
Information TechnologyASRC Federal NetCentric Technology seeks a
Cybersecurity Incident Response Team (CIRT) Lead
to support our Cybersecurity Support Services contract with the Defense Manpower Data Center (DMDC). This position performs activities related to the Cyber Incident Response Team (CIRT), the team responsible for containing, responding to, and eradicating threats and other malicious activity. This position helps build and improve cybersecurity incident response capabilities and coordinate or participate in high-priority investigations, identifying incident response improvements, and preparing reports for management.Duties and Responsibilities:Lead and coordinate the organization's response to cyber incidents, ensuring rapid identification, containment, and resolution.Perform technical incident response investigations into cybersecurity related events and incidents.Determine the nature, scope, and cause of incidents including root cause analysis.Act as the primary point of contact for all major security incidents, managing communication with stakeholders, including senior leadership, mission owners, and external partners.Identify corrective actions and aid in the containment, eradication, and recovery of a given event and incident.Track incident response, corrective measures taken, recommendations, and remediation activities; complete incident reports for investigations as needed; provide or contribute to weekly report of events and incidents.Oversee real-time monitoring of security events, and lead the analysis and investigation of potential breaches, threats, and vulnerabilities.Create and maintain incident response SOP in accordance with CJCSM 6510.01B, NIST SP 800-61R2, DoD regulations, and industry best practices.Ensure thorough post-incident analysis to derive lessons learned, identifying gaps and implementing preventive measures.Ensure proper monitoring and logging across the network infrastructure and endpoints to detect and respond to cyber incidents promptly.Provide expert guidance on compliance with cybersecurity directives, ensuring the DoD program meets all required security controls and risk management policies.Provide regular reports to program leadership, DoD officials, and other stakeholders on the status of security incidents, lessons learned, and the effectiveness of response strategies.Lead the continuous improvement of incident response capabilities by identifying areas of weakness, recommending enhancements, and implementing new technologies and processes.Respond to and investigate cyber events should an incident occur after regular business hours.Qualifications and Requirements:Active DoD
Secret clearance
with the ability to obtain and maintain a
Top-Secret Clearance .On-site in Seaside, California.Active DoD 8570 IAT Level II certification or greater, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.Active DoD 8570 CSSP Incident Responder certification a plus, including at least one of the following certifications in good standing: CEH, CFR, CCNA Cyber Ops, CHFI, CySA+, GCFA, GCIH, SCYBER, or PenTest+.Knowledge of Incident Response Handling Procedures (NIST SP 800-61).Familiarity with cyber adversary tactics and frameworks (such as ATT&CK and D3FEND).Bachelor's Degree in computer science or related field.7+ years in Information Technology or Information Security.3+ years in Cybersecurity Incident Response.CIRT lead experience a plus.Benefits:
Comprehensive insurance packages including medical, dental, vision, life insurance, and short term/long term disability, as well as a 401k with generous company match. After 90 days of employment, regular full-time employees can get reimbursed up to $5,250 annually to go towards Associate's, Bachelor's, or Graduate Degrees; Industry standard professional certification; a professional certificate program; continuing education classes; and registration fees to attend professional conferences. 11 paid holidays and 4.62 hours of paid time off per pay period which equates to 3 weeks annually, increasing with tenure. Employee Resource Groups provide opportunities to collaborate and network with colleagues with common interests.We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. This position is offering a pay range of $115,000.00 - $135,000.00 depending on experience, seniority, geographic locations, and other factors permitted by law. Benefits offered may include healthcare, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.EEO Statement:
ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
#J-18808-Ljbffr