Senior Cybersecurity Incident Handler, first shift (7 AM - 3 PM, Monday - Friday), primarily focusing on the full lifecycle of response (analysis, triage, end-user communication, containment, eradication, recovery and post-incident process improvement). The role includes developing and coordinating the implementation of courses of action (COAs), and assisting in preserving data integrity and in full reporting and documentation, including after-action and process improvement.
This position is in support of the US Federal Court System and requires a public trust clearance. You can be sponsored if you don't have one - they are quick and easy! The position includes full-lifecycle incident handling/response and frequent use of SIEM tools, especially Splunk, Arbor, ArcSight, SourceFire, Bro IDS, McAfee ePolicy Orchestrator, FireEye, etc. You don't need to be proficient in all of them - there will be opportunities to learn. This customer is especially interested in Splunk ES experience. The position also requires coordination with end users as well as external organizations such as DHS/CERT. This customer is particularly open to opportunities to grow and sensitive to the fact that employee needs and interests change over time. So while this is a 7 AM - 3 PM, Monday - Friday, incident handling position, a team member who comes aboard and proves himself or herself will find opportunities to change shifts as desired or change positions as they become available.
Other responsibilities: