Z FEDERAL
Cyber Defense Incident Responder
Z FEDERAL, Washington, District of Columbia, us, 20022
CYBER DEFENSE INCIDENT RESPONDER
Z FEDERAL
is seeking a Junior Cyber Defense Incident Responder to support a full range of cyber security services on a contract in Washington DC. The position is full-time/permanent and will support a U.S. Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance. This is a daytime hybrid role in which the candidate will be required to be at the client site 3x/wk.
Security Clearance Requirement: Active Secret clearance
Responsibilities Include but not limited to:
Develop content for cyber defense tools.
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
Coordinate with enterprise-wide cyber defense staff to validate network alerts.
Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
Perform cyber defense trend analysis and reporting.
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
Identify and analyze anomalies in network traffic using metadata.
Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
Qualifications/Requirements:
Bachelors Degree
4+ years' experience in Introductory information assurance, networks, sensor operations, network/data analysis, packet capture analysis, hunts methodologies, intelligence analysis.
Certifications addressing new attack vectors (emphasis on cloud computing technology, mobile platforms and tablet computers), new vulnerabilities, existing threats to operating environments
Strong written and verbal communication skills.
Ability to interpret the information collected by network tools (e.g., Nslookup, Ping, and Traceroute).
Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of incident response and handling methodologies.
Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
Experience with system administration, network, and operating system hardening techniques.
Knowledge of cyber defense and information security policies, procedures, and regulations.
Knowledge of the common attack vectors on the network layer.
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
In-depth understanding of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
Knowledge of various types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).
Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip).
Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
Additional Experience Preferred :
Experience in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
Ability to analyze malware, conduct vulnerability scans, and recognize vulnerabilities in security systems.
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Experience evaluating the adequacy of security designs.
Skill in using incident handling methodologies.
Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
Experience with using protocol analyzers and collecting data from a variety of cyber defense resources.
Experience reading and interpreting signatures (e.g., snort).
Experience with assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.)
Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Z FEDERAL
is a professional services firm located in Greenbelt, MD. Founded in 1983 to provide IT and management consulting services to the Federal Government, we have established a proven track record of reliable performance in the Federal marketplace.
Z FEDERAL
has a history of long-term commitment to our Federal customers and our employees.
Z FEDERAL
offers:
Ownership via ESOP
Self-directed 401K and annual company match
Up to four weeks of paid time off (PTO)
11 paid federal holidays
Other forms of leave such as bereavement, jury duty, military leave
Full Health Benefits: Medical and Vision, Dental (employee-paid)
Life Insurance
Short and Long Term Disability, AD&D Insurance
Flexible Spending Account (Medical and Dependent Care)
Performance-based bonuses
Tuition Reimbursement
Incentive and referral bonuses
Commuter benefits
Professional Development and Training
Years of Service Reward and Recognition Program
Z FEDERAL 's commitment to employee growth and development is proven and valued by our staff. We want our employees to excel, grow professionally and take on increasingly responsible roles.
Z FEDERAL
is seeking a Junior Cyber Defense Incident Responder to support a full range of cyber security services on a contract in Washington DC. The position is full-time/permanent and will support a U.S. Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance. This is a daytime hybrid role in which the candidate will be required to be at the client site 3x/wk.
Security Clearance Requirement: Active Secret clearance
Responsibilities Include but not limited to:
Develop content for cyber defense tools.
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
Coordinate with enterprise-wide cyber defense staff to validate network alerts.
Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
Perform cyber defense trend analysis and reporting.
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
Identify and analyze anomalies in network traffic using metadata.
Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
Qualifications/Requirements:
Bachelors Degree
4+ years' experience in Introductory information assurance, networks, sensor operations, network/data analysis, packet capture analysis, hunts methodologies, intelligence analysis.
Certifications addressing new attack vectors (emphasis on cloud computing technology, mobile platforms and tablet computers), new vulnerabilities, existing threats to operating environments
Strong written and verbal communication skills.
Ability to interpret the information collected by network tools (e.g., Nslookup, Ping, and Traceroute).
Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of incident response and handling methodologies.
Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
Experience with system administration, network, and operating system hardening techniques.
Knowledge of cyber defense and information security policies, procedures, and regulations.
Knowledge of the common attack vectors on the network layer.
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
In-depth understanding of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
Knowledge of various types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).
Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip).
Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
Additional Experience Preferred :
Experience in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
Ability to analyze malware, conduct vulnerability scans, and recognize vulnerabilities in security systems.
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Experience evaluating the adequacy of security designs.
Skill in using incident handling methodologies.
Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
Experience with using protocol analyzers and collecting data from a variety of cyber defense resources.
Experience reading and interpreting signatures (e.g., snort).
Experience with assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.)
Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Z FEDERAL
is a professional services firm located in Greenbelt, MD. Founded in 1983 to provide IT and management consulting services to the Federal Government, we have established a proven track record of reliable performance in the Federal marketplace.
Z FEDERAL
has a history of long-term commitment to our Federal customers and our employees.
Z FEDERAL
offers:
Ownership via ESOP
Self-directed 401K and annual company match
Up to four weeks of paid time off (PTO)
11 paid federal holidays
Other forms of leave such as bereavement, jury duty, military leave
Full Health Benefits: Medical and Vision, Dental (employee-paid)
Life Insurance
Short and Long Term Disability, AD&D Insurance
Flexible Spending Account (Medical and Dependent Care)
Performance-based bonuses
Tuition Reimbursement
Incentive and referral bonuses
Commuter benefits
Professional Development and Training
Years of Service Reward and Recognition Program
Z FEDERAL 's commitment to employee growth and development is proven and valued by our staff. We want our employees to excel, grow professionally and take on increasingly responsible roles.