Managed Detection and Response Team Lead

Overview

Edgewater Federal Solutions is currently seeking a Managed Detection and Response Team lead to provide support to the AOUSC Managed Detection and Response contract, located at the Administrative Office of the US Courts headquarters, located in Washington, DC.

Responsibilities

• Actively review all SOC data feeds, analytical systems, sensor platforms, and output from other SOC tool products
• May remotely access all SOC data using judiciary approved remote access mechanisms
• Provide 24x7x365 monitoring and analysis of all DTS ITSO SOC security feeds including enterprise endpoints, local court firewalls, servers, switches, and firewalls in Internet Data Centers, and cloud Sass, IaaS, and PaaS environments
• Provide written and oral reports of findings to the contractor’s program manager, the Government SOC Manager, and COR-designated Government SOC Operations Leads for further investigation or for action
• Participate in a variety of Information System Security (ISS) activities, including: monitoring of systems status; escalating and reporting potential incidents; creating and updating incident cases and tickets; authoring custom detection content; providing tuning recommendations for the Security Information and Event Management systems (SIEM) to minimize false positives; authoring and maintaining custom SIEM content; program analysis and review; hardware and software evaluation and analysis; process improvement; data management; and coordination and reporting of ISS-related incidents
• Investigate and positively identify anomalous events that are detected by security devices or reported to the SOC from external entities, SOC SIEMs, system administrators, and the user community, via security monitoring platform and tools, incoming phone calls, and emails.
• Provide informal investigation, review, and recommendation documentation as necessary. Deliverables for Monitoring and Analysis Support include, but are not limited to, daily summary informal reports based on security event analysis and Technical Evaluation Reports (TER)
• The maturation of SIEM content is expected so security event volumes can be expected to vary in the future
• Estimate the impacts of incidents using the weighted formula provided by the customer, to include a declared objective and estimated impact score

Qualifications

• U.S. Citizenship is required per contract. 
• Shall have performed as a subject matter expert in incident response and threat hunting services for at least 3 years
• Knowledge of advanced actor tradecraft and eviction techniques are required
• Experience within the Administrative Office of the US courts is preferred

About Us: 

Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018 through 2024.

It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other statuses protected by applicable law.