TEKsystems - Honolulu, HI
posted about 2 months ago
TEKsystems is seeking a Cyber Security Incident Response Analyst to support a cleared position in the Department of Defense (DoD). This role requires a Secret security clearance, which will be upgraded to Top Secret.

As a Cyber Security Analyst, you will be responsible for identifying, isolating, investigating, informing, and implementing measures to detect and protect data across a wide spectrum of sources and locations. Your primary duties will include validating suspicious events or reports to determine if they constitute an incident, ensuring that incidents are properly entered into the appropriate reporting system, and assessing the severity of each incident.

In this position, you will maintain familiarity with CJCSM 6510.01B and compile and maintain internal standard operating procedure (SOP) documentation. You will ensure that all associated documentation and capabilities remain compliant with CJCSM 6510.01B and other applicable policy directives.

Your responsibilities will also include providing network intrusion detection and monitoring, correlation analysis, incident response, and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites. You will coordinate with JFHQ-DoDIN and supported entities regarding significant incidents to ensure proper analysis and timely reporting. The role requires you to provide 24x7 support for the CSSP's Incident Response capability during non-core business hours as needed.

You will perform network and host-based digital forensics on Microsoft Windows-based systems and other operating systems to enhance response to significant network incidents. A working knowledge of full packet capture (PCAP) analysis and tools such as Wireshark is essential. You will explore patterns in network and system activity via log correlation using Splunk and other supplemental tools, and you should possess an understanding of IDS/IPS solutions, including signature development and implementation.

Participation in program reviews, product evaluations, and onsite certification evaluations will also be part of your duties.