Sevatec Inc.

  • Incident Response Analyst - Senior

    Job Locations: US-WV-Fairmont
    Posted Date: 3 months ago (7/31/2018 12:15 PM)
    Job ID: 2018-1508
    # of Openings: 1
    Category: Information Technology
  • Overview

    Sevatec is seeking to hire a senior Incident Responder for a NOAA client in Fairmont, WV. This person will be part of a Computer Incident Response team that supports the Cyber Security Center's network infrastructure across five different geographic sites. This team is responsible for cyber security incident response, forensics and recovery coordination throughout the NOAA enterprise, supporting multiple operating system platforms. The Sr. Incident Responder will be responsible for investigation coordination, reporting and security control evaluation across the Cyber Security Center.

    Responsibilities

    • Provide support for Incident Response, detection analysis, forensic imaging of systems, and extraction of digital information, malware and log analysis.
    • Monitor and analyze intrusions via McAfee SIEM, FireEye, Encase Examiner and Encase SAFE.
    • Report findings and results to upper management with metrics and forensic reports.
    • Collaborate on incident response with internal and external entities, including but not limited to government and private sector.
    • Must demonstrate knowledge of Incident Response processes and procedures including initial response, evidence collection, special handling processes, and incident recovery.

    Qualifications

    • Minimum of five years working within the information security field, with emphasis on security incident management, intrusion detection, firewall deployment, and computer forensics.
    • Experience with Encase Examiner and Encase SAFE
    • At least 5 years of MS Windows OS and network operations.
    • Understanding of system administration skills in at least UNIX, Linux, or Windows – demonstrating an ability to install and maintain systems with networking support.
    • Expert knowledge of the TCP/IP protocol suite (IP, TCP, UDP, ICMP, etc.)
    • Knowledge and understanding of routing protocols.
    • Demonstrated knowledge of LAN/WAN management and application layer protocols (HTTP, FTP, DNS, SMTP, SNMP, etc.)
    • Experience with, or substantial knowledge of, many of the following areas is preferred: computer forensics; software development lifecycle; cyber security incident handling; system and/or network administration; operational details of multiple operating systems; cryptography and encryption tools.
    • Required certification: GIAC Certified Incident Handler (GCIH), CERT Certified Computer Security Incident Handler (CSIH), Certified Information Systems Security Professional (CISSP), or Electronic Commerce Council Certified Ethical Hacker (CEH).

    Desired Skills:

    • Expert knowledge of encryption protocols and technologies.
    • Demonstrated system administration skills.
    • Expert knowledge of OS implementation design goals and constraints.
    • Demonstrated security testing of IT products and software.
    • Advanced technical writing skills.
    • Education:  Bachelor of Science in Computer Science or related program.

    Security Clearance: Applicants selected must be U.S. Citizens and will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
