Cyber Engineer - Senior II
Pensacola, FL or Dulles,VA
Full Time
Manager/Supervisor
Must have an active Top Secret clearance with an ability to obtain TS/SCI clearance

NOTE: Location for this Job can be EITHER Pensacola, FL or Dulles, VA (Salary ranges differ)

This position requires shift work including nights/weekends onsite

Responsibilities include:
- Responsible for leading cyber incident response actions in a 24 x 7 shift environment and reporting incidents to stakeholders and leadership through the CIRT ticketing system and other communication channels.
- Providing expert level technical direction to the shift team performing detection, response, mitigation, and reporting of cyber threats affecting customer on-prem systems, networks and cloud environments
- Producing reports and briefs to provide an accurate depiction of the current threat landscape and associated risk based on customer, community, and open-source reporting
- Analyzing and reporting cyber threats as well as assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
- Developing and implementing training standards and procedures, to include Work Instructions, Joint Qualification Requirements, and Standard Operating Procedures
- Oversee the training of newly assigned analysts

Required Skills:
- Must be a US Citizen
- Must have an active Top Secret clearance with an ability to obtain TS/SCI clearance
- Must be able to obtain DHS Suitability
- Exceptional oral and written communication
- 6+ years of directly relevant experience
- 5+ years leading incident response teams in a SOC or CSOC/CIRT environments
- Must pass internal qualification requirements within specified time constraints
- Hands-on experience in a SOC/CIRT performing the detection, response, mitigation, and reporting of cyber threats affecting client networks and one or more of the following:
- Experience in computer intrusion analysis and incident response
- Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
- Strong experience with Cyber Security Incident Response training and mentoring
- Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
- Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks

Desired Skills:
- Experience with cloud-based cyber detection and incident response
- Experience in computer evidence seizure, intrusion detection, computer/network forensic analysis, or data recovery
- Prior experience with SIEM Technologies (Splunk)
- Scripting experience (Linux/Windows command line, Python, Perl, etc.)
- Prior experience with data visualization products.

Required Education:
Bachelors degree in Information Security, Cyber Engineering or a related discipline is required.
[Eight (8) years of experience (for a total of fourteen (14) or more years) may be substituted for a degree.]

Required Certifications (at least 2):
DoDI 8570.01-M IAT Level II Technical Certification (Security+ CE, CCNA + Security, SSCP, CISSP) or equivalent AND an Incident Response Certification (CEH, ECIH, CYSA+, GCIH, GCIA, GNFA, or comparable certification)