Enterprise Information Services, Inc.

  • Lead Cyber Response Analyst

    Job Location: KR | KR-27
    ID: 2018-3651
    # of Openings: 1
    Targeted Job Start Date: 1/3/2019
  • Overview

    This project will provide defensive cyberspace operations (DCO) support to the Defensive Cyberspace Operations Division (DCOD), US Army Regional Cyber Center-Korea. The DCOD environment includes any hardware, software, application, tool, system, or network used by the Government, whether developed, leased, or commercially purchased.

    Work shall include current and new systems at various lifecycle stages, and any future applications/systems not currently identified. DCO services are required to defend against unauthorized activity on all Army assets residing on the NIPRNet and SIPRNet. This includes activities from external hackers who may attempt to gain unauthorized access, insider threat attempts at unauthorized access, and policy violations that may impact network security and operations. The Contractor shall be required to continue performance during peacetime, crisis, hostilities, and war operations.

    Responsibilities

    • Ability to recognize a cyber security incident, taking appropriate action to report the incident and preserve evidence, mitigating any adverse impact, and devising defensive measures.
    • Develop and implement access control lists on routers, firewalls, and other network devices.
    • Identify vulnerabilities resulting from a departure from an implementation plan or that were not apparent during testing.
    • Design and implement technical vulnerability corrections and security countermeasures.
    • Install and maintain perimeter defense systems including intrusion detection systems, firewalls, grid sensors, etc., and enhance rule sets to block sources of malicious traffic.
    • Identify and/or determine whether a security incident is indicative of a violation of law that requires specific legal action.
    • Monitor and evaluate the effectiveness of enclave IA security procedures and safeguards.
    • Support the design and execution of security exercises.
    • Conduct tests of network devices and IA safeguards in accordance with established test plans and procedures to ensure compliance with security policies, procedures, and requirements.

    Qualifications

    Clearance and Certifications

    • Top Secret security clearance
    • DoD CSSP-Incident Responder - CEH, CFR, CySA+, GCFA, GCIH or SCYBER.
    • DoD 8570 IAT III – CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED or GCIH.

    Other

    • At least 7 years of experience in Information Assurance technology or a related area.
    • Extensive experience in being able to recognize a cyber security incident, taking appropriate action to report the incident and preserve evidence, mitigating any adverse impact, and devising defensive measures.
    • Experience in development and implementation of access control lists on routers, firewalls, and other network devices.
    • Experience in identification of vulnerabilities resulting from a departure from an implementation plan or that were not apparent during testing.
    • Extensive experience in designing and implementing technical vulnerability corrections and security countermeasures.
    • Experience in installation and maintenance of perimeter defense systems including intrusion detection systems, firewalls, grid sensors, etc., and enhancing rule sets to block sources of malicious traffic.
    • Experience in identifying and/or determining whether a security incident is indicative of a violation of law that requires specific legal action.
    • Experience in monitoring and evaluating the effectiveness of enclave IA security procedures and safeguards.
    • Experience in supporting the design and execution of security exercises.
    • Extensive experience in conducting tests of network devices and IA safeguards in accordance with established test plans and procedures to ensure compliance with security policies, procedures, and requirements.
    • Ability, knowledge, experience, certifications, and skills to perform those requirements at contract start date.
    • ITIL Foundations certification (within three months of contract start date or hiring date).
    • All DCO analysts shall have specialized experience in Information Technology (IT) defense infrastructure (Sensors, Vulnerability Scanners, Firewalls, etc.) and a working knowledge of wireless technology and Army operating systems (OS) (i.e. Windows, Apple, and UNIX).
    • 7 years of experience in Cyber Intrusion Analysis
    • Experience working independently to solve problems quickly and completely.
    • Experience leading the work of others.

    EIS is an Equal Opportunity Employer/M/F/V/Disabled.
