Incident Response Cyber Security Engineer - Fairmont, West Virginia

Railhead

Fairmont, WV
Part Time
Paid
  • Responsibilities

    DESCRIPTION:

    Railhead Inc. has an immediate opening for an Incident Response Cyber Security Engineer supporting the NOAA Cyber Security Center and Department of Commerce ESOC contract. This position requires a Top Secret security clearance.

    PRIMARY RESPONSIBILITIES:

    • Respond to cyber incidents, including responding to N-CIRT phone calls and emails, and preparing situational awareness reports for NOAA and/or DOC management.
    • Act as main investigator for potential incidents identified by Tier 1 analysts.
    • Investigate phishing and self-identified potential cyber threats (phishing emails sent to the CIRT).
    • Knowledgeable on multiple technology and system types
    • Defining protocols and maturing playbooks of operational response to cyber threats
    • Working within the playbooks as defined
    • Operate autonomously to further investigate and escalate in accordance with protocols and contractual SLAs, including DOC and US-CERT in compliance with US-CERT incident reporting and guidelines.
    • Lead/support on-site investigations, forensics, and provide mobile device support.
    • Maintain chain of evidence in accordance with incident handling procedures and in compliance with NOAA and Commerce procedures.
    • Participate regularly in IR working group sessions. Collaborate across organizational lines and develop depth in your desired cyber discipline and/or technologies.

    BASIC QUALIFICATIONS:

    • Must be US Citizen. Must be able to maintain security clearance, specifically DoD/Top Secret Clearance or TS/SCI (Interim Top Secret acceptable).
    • Must have one or more of: CERT Certified Computer Security Incident Handler; Electronic Commerce Council Certified Ethical Hacker (ECC); GIAC Information Security Fundamentals (GISF); ISC2 CISSP 3+ years experience within cyber incident handling and/or cyber operations
    • IR Analyst Level II Category: 3+ years experience within specific security disciplines (i.e., forensics, email security, monitoring + detection, mobility, etc.)
    • IR Analyst Level III Category: 5+ years experience within specific security disciplines (i.e., incident response, vulnerability management, cyber intelligence, threat hunting)
    • In depth understanding of cyber landscape and typical threat vectors
    • In depth understanding of operational requirements and impacts of working within a FISMA High System.
    • Security or relevant IT technology certification (or as approved by Government to obtain within 6 months of start date)
    • Understanding of US-CERT incident reporting and guidelines.
    • Strong interpersonal skills working directly with VIP end users in a highly visible and mission critical environment.
    • Physically present (shifts) during Core Office Hours: 7am to 6pm, with rotational on-call support required for the program.

    ABOUT RAILHEAD:

    Railhead, Inc. is a leader in intelligence, surveillance and reconnaissance; advanced cyber solutions; cloud and managed IT solutions; engineering; and information-based solutions for DoD, law enforcement and homeland security. We provide training and logistics in support of readiness operations, and operational support services and solutions in support of organizations not limited to DHS, DoD, and the Intelligence Community (IC). We hire mission enablers who reflect our communities and proactively embrace diversity and inclusion, in order to advance our corporate culture, develop our family of employees into the best they can be, and in turn grow our market share throughout industry.

    Railhead, Inc. is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected factor.