What are the responsibilities and job description for the Cyber Capability Developer (Mid) position at NexThreat?
Job Title: Cyber Capability Developer (Mid)
Location: NCR or Clarksburg
Job Category: Information Technology
Time Type: Full-time
Clearance Requirement: Current TS/SCI Clearance required
Security Suitability: Must pass FBI security suitability
Polygraph Requirement: Must pass an FBI-administered Counterintelligence polygraph if one has not been conducted within the last five years.
Employee Type: W2 or 1099
Citizenship: US Citizen, no Dual Citizenship
Summary:
NexThreat is seeking a Cyber Capability Developer (Mid). The Cyber Capability Developer (Mid) is a pivotal member of the Watch Floor Team within our Security Operations Center (SOC). This role involves leading efforts to ensure the timely detection and resolution of potential security incidents, minimizing the impact of cyber threats on the organization. The Senior Cyber Capability Developer will leverage their expertise to enhance the capabilities of the SOC, actively detecting, monitoring, preventing, and analyzing real-time cybersecurity information, events, and threats. This position is essential for maintaining the confidentiality, integrity, and availability of the organization's information assets.
Key Responsibilities:
- Lead the development and implementation of advanced cybersecurity strategies and procedures to enhance incident detection and response capabilities.
- Collaborate with the Watch Floor Team to improve operational processes and incident handling efficiency.
- Utilize Splunk Enterprise Security and Microsoft Sentinel for comprehensive monitoring and analysis of security events.
- Conduct in-depth investigations of security incidents, providing expert analysis and actionable recommendations.
- Mentor and train junior team members on cybersecurity best practices and incident response techniques.
- Perform threat assessments and vulnerability analyses to identify and mitigate potential risks.
- Stay informed about the latest cybersecurity trends, threats, and technologies, integrating relevant findings into operational practices.
- Contribute to the development and maintenance of incident response plans and playbooks.
Unique Skills/Tasks/Software:
- Required: Expertise in Splunk Enterprise Security.
- Preferred: Familiarity with Microsoft Sentinel.
- Strong analytical, problem-solving, and critical-thinking skills.
- Excellent communication and interpersonal abilities to collaborate effectively with team members and stakeholders.
Preferred Certifications:
- GIAC Continuous Monitoring Certification (GMON)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Cloud Threat Detection (GCTD)
- GIAC Cloud Forensics Responder (GCFR)
Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
- Minimum 3 years of experience in cybersecurity, with a focus on incident response and monitoring.
- Proven track record of leading security operations and threat detection initiatives.
