Cyber Incident Handling Analyst

　　Location GERMANY- Clay Kaserne, Wiesbaden

　　Job Code 11516

　　# of openings 1

　　Apply Now (https://phg.tbe.taleo.net/phg04/ats/careers/v2/applyRequisition?org=AKIMEKATECH&cws=43&rid=11516)

　　The Alaka`ina Foundation Family of Companies (FOCs) has a need for a Cyber Incident Handling Analyst to support our cyber security government customer located in Clay Kaserne, Wiesbaden Germany.

　　DESCRIPTION OF RESPONSIBILITIES:

　　Provide Live Incident Handling Case Tracking Database

　　Provide incident handling on-site for newly identified compromised systems

　　Update Incident Handling procedures, response guidelines, and checklists based on findings and lessons learned

　　Provide DCO Incident Handling Analysis support during core hours and provide call-out support as required.

　　When notified of threat activity after core hours, respond to the threat within two (2) hours of notification.

　　Capture and perform initial analysis on captured volatile data, log data, captured network traffic data, etc. to identify any immediate intrusion related artifacts which in turn will allow immediate defensive countermeasures to be implemented.

　　Develop necessary procedures or scripts to identify such data.

　　Immediately, upon capture of volatile data and/or power down of each individual system, in conjunction with customer request, coordinate the shipment of original forensic evidence (hard drive, USB drive, etc.) to customer for forensic imaging and “deadbox” analysis.

　　Individual files identified as malicious or suspected of being malicious will be sent by e-mail in one of several secure methods to the distribution list.

　　Work and interact with other DCO professionals internal and external to Army Cyber Command, with Law Enforcement and Counterintelligence LNO's, and intelligence professionals as a technical specialist to understand higher-level adversary capability.

　　Document, update and enhance processes and procedures by producing training materials, standards documents and reports.

　　Other duties as assigned.

　　REQUIRED DEGREE/EDUCATION/CERTIFICATION:

　　Bachelor of Science/Arts Degree in Engineering, Computer Science, Science or Business Administration, or Mathematics.

　　Any of the following: Cisco CyberOps Professional, GIAC, GCED, GCFA, GCFE, GNFA, DCITA, CIRC, FIWE or Offensive Security OSDA

　　Must possess IA workforce certification: CSSP-Incident Responder (CEH, CFR, CHFI, or Cloud+)

　　REQUIRED SKILLS AND EXPERIENCE:

　　Bachelor's degree plus three (3) years of specialized experience.

　　Associate degree plus seven (7) years of specialized experience

　　A major certification plus seven (7) years of specialized experience.

　　11 years of specialized experience to replace no education.

　　Experience in monitoring intrusion detection and security information management systems to detect malicious and/or anomalous activity.

　　Experience in triaging and evaluating detected events to determine if an incident occurred. Ability to analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.

　　Experience in coordinating response to incidents with both technical and non-technical parties. Knowledge of hacker techniques (TTPs) and exploits, including current security threat landscape.

　　Experience documenting incidents from initial detection through final resolution

　　REQUIRED CITIZENSHIP AND CLEARANCE:

　　U.S. Citizenship required.

　　Must have an active TS-SCI Clearance.

　　The Alaka`ina Foundation Family of Companies (FOCs) is a fast-growing government service provider. Employees enjoy competitive salaries. Eligible full-time employees enjoy a 401K plan with company match; medical, dental, disability, and life insurance coverage; tuition reimbursement; paid time off; and 11 paid holidays.

　　We are an Equal Opportunity/Affirmative Action Employer. We are proud to state that we do not discriminate in employment decisions on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. If you are a person with a disability and you need an accommodation during the application process, please click here ([email protected]) to request accommodation. We E-Verify all employees.

　　The Alakaina Foundation Family of Companies (FOCs) is comprised of industry-recognized government service firms designated as Native Hawaiian Organization (NHO)-owned and 8(a) certified businesses. The Family of Companies (FOCs) includes Keaki Technologies, Laulima Government Solutions, Kūpono Government Services, and Kāpili Services, Pookela Solutions, Kīkaha Solutions, LLC, and Pololei Solutions, LLC. Alakaina Foundation activities principally benefit the youth of Hawaii through charitable efforts which includes providing innovative educational programs that combine leadership, science & technology, and environmental stewardship.

　　For additional information, please visit www.alakainafoundation.com

　　#LI-JS1

　　#ClearanceJobs