incident response planner with Security Clearance
Apply NowCompany: TEKsystems c/o Allegis Group
Location: Atlanta, GA 30301
Description:
Key Responsibilities
Assists with difficult cybersecurity questions and requests from the customers.
Direct sponsor engagement as required to review current and planned requirements for secure infrastructures that require compliance.
Guide requirements gathering and analysis.
Leads validation of security control configuration on systems, ensure all systems are configured to to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
Articulates privacy requirements into product life-cycle including definition, requirements analysis, synthesis, cyber engineering analysis and implementation.
Conducts privacy impact analyses and identify areas needing improvement and recommend necessary enhancements to achieve privacy goals.
Reviews modifications to critical information systems and directs implementation of configuration changes.
Mentors lower-level cybersecurity and IT professionals across the enterprise.
Additional Responsibilities
Develop and implement incident response plans and procedures, ensuring a swift and effective response to security incidents or breaches.
Coordinate incident investigations, containment, and recovery efforts as needed.
In-depth knowledge of incident response protocols and remediation techniques.
Plan and conduct incident response exercises to include table tops, simulations, and actual disruptions.
Incident investigation and response experience, including the ability to work with IR stakeholders to gather required information for reporting.
Submit all required IR reports to governing bodies within parameters set by law, regulation, contract, or policy.
Consult with various partners, publications, websites, news sources, and cyber forums to provide daily updates on threats relative to our environments.
Communicating threats to stakeholders outside of the cybersecurity department regarding threats and risks.
Observe and document events as they unfold during exercises and incidents to facilitate lessons learned sessions.
Deep knowledge of the current threat landscape, including knowledge of malware operation and indicators.
Required Minimum Qualifications
Practical knowledge of security applications and technologies, as well as operating system platforms including Windows, Mac, Linux, and Networking technologies.
Knowledge of application and infrastructure vulnerability scanning tools (e.g., Rapid7, Nessus, Qualys, Fortify, etc.) in complex or large organizations.
Technical background to understand the characteristics and exploitation vectors for vulnerabilities being reported.
Strong knowledge of Splunk, Tenable Nessus, APIs, Excel and Power BI Platform for data analytics.
Experience with advanced Excel data manipulation and analysis including pivot tables, light macros, intermediate formulas.
Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership.
Sound knowledge of common infrastructure vulnerability categorizations such as CVE, CVSS, and/or CWE.
Deep understanding of cybersecurity best practices and frameworks such as NIST 800-53/171, CMMC, RMF, MITRE, ATT&CK Framework, and OWASP top 10.
Incident management expertise with ability to translate technical risks for business leaders.
Excellent written and verbal communication skills.
One or more basic cybersecurity certifications such as: Security+, CEH, CND, CySA+, CCNA-Security or equivalent.
Preferred Qualifications
Active Secret Clearance.
Masters degree.
5 years of experience in incident response.
9 years of experience in vulnerability management.
Experience leading or managing an Incident Response Program.
One or more advanced cybersecurity certifications such as: CISSP, CISM, CRISC, CISA, CASP, GEVA, CCNP-Security or equivalent.
Assists with difficult cybersecurity questions and requests from the customers.
Direct sponsor engagement as required to review current and planned requirements for secure infrastructures that require compliance.
Guide requirements gathering and analysis.
Leads validation of security control configuration on systems, ensure all systems are configured to to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
Articulates privacy requirements into product life-cycle including definition, requirements analysis, synthesis, cyber engineering analysis and implementation.
Conducts privacy impact analyses and identify areas needing improvement and recommend necessary enhancements to achieve privacy goals.
Reviews modifications to critical information systems and directs implementation of configuration changes.
Mentors lower-level cybersecurity and IT professionals across the enterprise.
Additional Responsibilities
Develop and implement incident response plans and procedures, ensuring a swift and effective response to security incidents or breaches.
Coordinate incident investigations, containment, and recovery efforts as needed.
In-depth knowledge of incident response protocols and remediation techniques.
Plan and conduct incident response exercises to include table tops, simulations, and actual disruptions.
Incident investigation and response experience, including the ability to work with IR stakeholders to gather required information for reporting.
Submit all required IR reports to governing bodies within parameters set by law, regulation, contract, or policy.
Consult with various partners, publications, websites, news sources, and cyber forums to provide daily updates on threats relative to our environments.
Communicating threats to stakeholders outside of the cybersecurity department regarding threats and risks.
Observe and document events as they unfold during exercises and incidents to facilitate lessons learned sessions.
Deep knowledge of the current threat landscape, including knowledge of malware operation and indicators.
Required Minimum Qualifications
Practical knowledge of security applications and technologies, as well as operating system platforms including Windows, Mac, Linux, and Networking technologies.
Knowledge of application and infrastructure vulnerability scanning tools (e.g., Rapid7, Nessus, Qualys, Fortify, etc.) in complex or large organizations.
Technical background to understand the characteristics and exploitation vectors for vulnerabilities being reported.
Strong knowledge of Splunk, Tenable Nessus, APIs, Excel and Power BI Platform for data analytics.
Experience with advanced Excel data manipulation and analysis including pivot tables, light macros, intermediate formulas.
Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership.
Sound knowledge of common infrastructure vulnerability categorizations such as CVE, CVSS, and/or CWE.
Deep understanding of cybersecurity best practices and frameworks such as NIST 800-53/171, CMMC, RMF, MITRE, ATT&CK Framework, and OWASP top 10.
Incident management expertise with ability to translate technical risks for business leaders.
Excellent written and verbal communication skills.
One or more basic cybersecurity certifications such as: Security+, CEH, CND, CySA+, CCNA-Security or equivalent.
Preferred Qualifications
Active Secret Clearance.
Masters degree.
5 years of experience in incident response.
9 years of experience in vulnerability management.
Experience leading or managing an Incident Response Program.
One or more advanced cybersecurity certifications such as: CISSP, CISM, CRISC, CISA, CASP, GEVA, CCNP-Security or equivalent.