Cyber Defense Team Lead IRES - HSV

Position Title : Cyber Defense Team Lead

Location : Redstone Arsenal, Huntsville, AL

Relocation Assistance : None available at this time

Remote / Telework : NO - Not available for this position

Clearance Type : DoD Secret

Shift : Day shift (Mon-Fri)

Travel Required : Up to 25% of the time

cjpost

Description of Duties :

The Cyber Defense Team Lead supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. The candidate will :

• Provide Subject Matter Expert oversight and guidance on the MDA Cybersecurity Service Provider - Computer Emergency Response Team’s (MDA CSSP-CERT’s) Cyber Defense and Incident Response program and serve as the primary POC for customer decision points.
• Develop, instruct, and evaluate a Cyber Defense Analyst and Incident Response training plan in support of training and mentoring Jr, Mid, and Sr. Vulnerability Assessment Analyst
• Perform Defensive Cyber Operations (DCO) / CSSP duties outlined in Evaluator Scoring Metrics (ESM).
• Support the development, establishment, review, and update of DCO procedures, processes, manuals, and other documentation.
• Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
• Perform preliminary analysis, identification, and response actions to detect, characterize, and respond to cyber incidents IAW CJCSM 6510.01B
• Review data of ongoing intrusions or cybersecurity incidents and report, analyze, and document / report the findings in accordance with CJCSM 6510.01B guidelines.
• Properly document all steps in the incident response process while taking care to preserve and protect incident artifacts, evidence, and chain of custody
• Analyze correlated assets, threat, and vulnerability data against know adversary exploits and techniques to determine impact and improve network defensive posture.
• Leverage actionable Cyber Threat Intelligence data to search for indicators of compromise and develop SIEM content / signatures to detect known attack patterns and make recommendations for improvements.
• Coordinate with CSSP-CERT subscribers to develop current configurations, rules, and signatures for cyber security related toolsets.
• Coordinate with CSSP-CERT subscribers to notify, investigate, and remediate discrepancies in security logging and CSSP-CERT alignment.
• Provide standardized and targeted training in support of CSSP-CERT subscriber cyber defense and incident response programs.
• Provide support to internal and external Insider threat, counterintelligence, and law enforcement agencies during cyber incidents / investigations.
• Create, update, and manage queries and dashboards pertaining to ArcSight and Elastic SIEM and related security tools.

The successful candidate will :

Resumes, in month and year format, must be submitted with application in order to be considered for the position.  The selected candidate may be assigned as an employee for one of our teammate companies.