IT Security Investigator Lead

Evolver Federal is looking for an IT Security Investigator Lead to join our team on a large Security Operations program with our Federal client located in Leesburg, VA.

The ideal candidate will have experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).

Responsibilities

• Lead staff to proactively investigate and respond to security incidents.


• Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.


• Ensure compliance with Service Level Agreements (SLA), process adherence and process improvisation to achieve operational objectives and mitigate threats.


• Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve governance.


• Responsible for team management and overall use of resources and initiation of corrective action where required for Security Operations Center.


• Responsible for leveraging standard and non-standard logs in SIEM for the investigation.


• Co-ordinate with stakeholders to build and maintain positive working relationships.


• Keeps up to date on current technologies.


• Ensures daily, monthly, and quarterly compliance requirements are met individually and by professional level staff within the timelines provided by Operations executive leadership.


• Performs other related duties as assigned.

Basic Qualifications

• A Bachelor's degree


• A CISSP and/or SANS/GIAC Certification


• Six (6) years IT experience with at least four (4) years in an IT Security position.


• Two (2) years of experience working in a SOC type operation for a government or commercial client.


• A United States (US) Citizen with a current DoD Secret Clearance Must be able to pass a comprehensive background check.


• Two (2) years of experience conducting analysis at the packet level.


• Two (2) years of experience with Firewall administration experience (Checkpoint, etc.).


• Two (2) years of experience with Snort, and Cisco intrusion detection sensors.


• Two (2) years of experience with Host-Based and Network-Base IDS.


• Two (2) years of experience with Security Information Management Tools (ArcSight, Splunk, Sentinel, etc.).


• Two (2) years of experience with Antivirus, AntiSpyWare, and Content Filtering solutions.


• Two (2) years of experience with Cloud-based security monitoring tools.


• Two (2) years of experience with Endpoint Detection and Response Tools.


• 1 year of Hands-on experience with Adobe Pro

Preferred Qualifications

• Must have an impeccable work ethic, the ability to make sound decisions, and a commitment to integrity and accountability.


• Proficient with Microsoft Office Suite; specifically, Excel, Word, and Outlook a must.


• Excellent verbal and written communication skills.


• Excellent interpersonal, negotiation, and conflict resolution skills.


• Excellent organizational skills and attention to detail.


• Strong analytical, critical thinking, and problem-solving skills.


• Strong supervisory and leadership skills.


• Ability to function well in a high-paced and at times stressful environment.


• Ability to prioritize tasks and to delegate them when appropriate.

Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law.

Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.