Cybersecurity Incident Response Analyst with Security Clearance

In support of our aerospace client, this BluOmega employee will responds to and resolves cyber security incidents; participates in cyber incident response investigations requiring forensic, malware, and log analysis, and analyzes forensic images and triage datasets to identify indicators of compromise, lateral movement, and unauthorized access or exfiltration of data. Applies specific functional knowledge and working and general industry knowledge. Develops or contributes to solutions to a variety of problems of moderate scope and complexity. Works independently with some guidance and reviews or guides activities of junior employees. Basic Qualifications: 5+ years of experience in a Cybersecurity or IT field Experience with incident management and response activities across the incident life cycle Experience with threat detection technologies and tools, such as SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions Ability to professionally communicate with internal and external customers Ability to obtain Secret clearance (at least an interim to begin onboarding) Bachelor's degree, or 4 additional years of experience in a Cybersecurity or IT field in lieu of degree Additional Qualifications: Cybersecurity Certifications such as CEH, CFR, CCNA Cyber Ops, CCNA–Security, CHFI, CySA+, GCFA, GCIH, SCYBER, or PenTest+ Certification Experience with performing anomaly or malware hunts using a common framework and standard methodology, including the MITRE ATT&CK framework Experience with Incident Response tools such as SentinelOne, SplunkES, Wireshark, FTK, Encase, etc. Ability to analyze Security Information and Event Management (SIEM) alerts to identify security issues for investigation and remediation Ability to be self–driven, work independently, and handle multiple tasks concurrently Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

#J-18808-Ljbffr