Incident Manager - III - IMG03

Title: Incident Manager III

Description:

Solutions³ LLC is supporting our prime contractor and their U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution.

Solutions³ LLC is seeking an Incident Manager III to perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services.

Eligibility:

• Must be a US Citizen
• Must have an active TS/SCI clearance
• Must be able to obtain DHS Suitability prior to starting employment
• 5+ years of directly relevant experience in cyber incident management or cybersecurity operations

Responsibilities Include:

• Correlating incident data to identify specific trends in reported incidents
• Recommending defense in depth principles and practices (i.e., layered defenses, security robustness, etc.)
• Performing Computer Network Defense incident triage to determine scope, urgency, and potential impact
• Researching and compiling known resolution steps or workarounds to enable mitigation of potential incidents
• Applying cybersecurity concepts to the detection and defense of intrusions into IT networks and analyzing log data
• Monitoring external data sources to maintain awareness of threat conditions impacting the enterprise
• Identifying causes of incidents and key questions for external entities regarding infection vectors
• Receiving and analyzing network alerts to determine causes
• Tracking and documenting incidents from detection to resolution and coordinating with other organizational components
• Providing support during assigned shifts

Required Skills:

• Knowledge of incident response and handling methodologies
• Familiarity with NIST 800-62 (latest revision) and FISMA standards
• Knowledge of the NCCIC National Cyber Incident Scoring System
• Understanding of attack stages (e.g., scanning, gaining access, escalation, etc.)
• Skill in recognizing vulnerabilities and attack types
• Knowledge of system administration, OS hardening, and CND policies
• Understanding of operational threat environments
• Knowledge of security threats and vulnerabilities

Desired Skills:

• Knowledge of threat environments and vulnerabilities (as above)

Desired Certifications: GCIH, GCFA, GISP, GCED, CCFP, or CISSP

Required Education: BS in Incident Management, Operations Management, Cybersecurity, or related field, or HS Diploma with 7+ years of relevant experience.

Provide the level of Security Clearance you currently hold.*

Do you understand the job responsibilities and feel you would be successful in executing these tasks? If yes, be prepared to provide examples during an interview or email them in advance.*

Do you understand the required skills and believe you possess them? If yes, be prepared to provide examples during an interview or email them in advance.*

Is the location shown within communicating distance for you? The prime will not accept anyone more than 2 hours from the site location.*

The client requires completion of their suitability process before an official start date, which could take 4-6 weeks. Would this inhibit your application?*

If referred by a Solutions³ team member or partner, please indicate here: