Kratos Defense & Security Solutions, Inc. Cyber Incident Handler in Ft. Huachuca, Arizona

Job Descriptions:

Looking for an experienced information/network system security specialist with knowledge of DoD information and network system administration requirements. Must be a hands-on administration specialist reporting to the cybersecurity lead or manager. Selectee is responsible for administering information system security solutions and must be an experienced cybersecurity and information assurance specialist with demonstrated experience and ability to do the following:

• Analyzes security events in partnership with other support organizations to counteract malicious activity detected on the network.
• Assists in conducting both Internet and conventional research to complete technical analysis and testing.
• Assists in researching security events using complex technical and analytical tools and methods to protect customer information systems and networks.
• Implements methods and tools that support Computer Network Defense Service Provider Program (CNDSP) operations in support of the customer's mission.
• Analyzes security events using approved tactics, techniques, tools and procedures.
• Elevates security events for further investigation.
• Provides input for security incident reports.
• Performs intermediate-level risk analyses tasks, which also includes risk assessment.
• Knowledgeable of Security/Information Assurance (IA) products such as PKI, VPN, firewalls, and intrusion detection and prevention systems.
• Travel to other countries may be required.
• Other duties as documented in the Statement of Work (SOW).

Required Experience:

• Active Top Secret SCI Security Clearance Required.
• IT or technical BS degree in computer science, information systems, or related technical degree.
• Information security related disciplines are preferred.
• Incident Response
• Penetration Testing
• From three to seven (3 - 7) years of information/network system experience in DoD or comparable US Government security management experience as a vendor to the US Government or as a US Government employee.
• Demonstrated experience with incident response consistent with DoDD O-8530.1; NIST 800 series, specifically, NIST 800-61, Rev2 “Computer Security Incident Handling Guide” and NIST 800-86 “Guide to Integrating Forensic Techniques into Incident Response” and any other controls and tools (e.g. Hercules VMS, SCCM, HBSS, McAfee and Symantec antivirus) that are applicable to information and network system security.

Must be familiar with networking hardware and software; including routers, switches, firewalls, and TCP/IP. Ability to use analysis tools and develop testing procedures. Superior knowledge of computer operations and hacker techniques and exploits. Ability to analyze data from various sources and draw conclusions regarding past and future cyber incidents. Demonstrated experience with establishing security controls to protect information systems and application of open- and closed-source resources consistent within the industry. Specific experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing vulnerability assessments.

At least one (1) certification from IAT Level II and one (1) from the CNDSP category of the following companies is required: (ISC)2, SANS Institute, CompTIA, Cisco Systems, Software Engineering Institute (SEI) or the EC-Council

• Information Assurance Technician Level II (IAT II)
  o System Security Certified Practitioner (SSCP)
  o GIAC Security Essentials Certification (GSEC)
  o Security+ CE
  o CCNA-Security

• Computer Network Defense Service Provider (CNDSP) Analyst
  o System Security Certified Practitioner (SSCP)
  o GIAC Certified Incident Analyst (GCIA)
  o GIAC Certified Incident Handler (GCIH)
  o Certified Ethical Hacker (C|EH)

• CNDSP Infrastructure Support
  o System Security Certified Practitioner (SSCP)
  o Certified Ethical Hacker (C|EH)

• CNDSP Incident Responder
  o GIAC Certified Incident Handler (GCIH)
  o Certified Ethical Hacker (C|EH)
  o CERT - Certified Computer Security Incident Handler (CSIH)
  o GIAC Certified Forensic Analyst (GCFA)

• CNDSP Auditor
  o GIAC Systems and Network Auditor (GSNA)
  o Certified Ethical Hacker (C|EH)
  o Certified Information Systems Auditor (CISA)

• Demonstrated experience with DODI 8500.01, “Cybersecurity”, (2014), DODI 8510.01, “Risk Management Framework (RMF) for DoD Information Technology (IT)”, (2014)
• Demonstrated experience with and application in establishing security controls to protect information systems consistent within the industry.
• Demonstrated experience with and application of open- and closed-source resources within industry.
• Specific experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing vulnerability assessments.
• Intermediary report writing skills.
• Customer service skills training.

Keyword: Information Assurance, Certification and Authorization, C&A, DIACAP, RMF, NIST, vulnerability assessment, patch management, cybersecurity, Risk Management Framework, Penetration Testing, Pentesting.

From: Kratos Defense