Join our Talent Network >

Incident Response Analyst

This job posting is no longer active.

Job ID: 2313338
Location: FORT LIBERTY, NC, United States
Date Posted: Mar 22, 2024
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: TS/SCI
Clearance Level Must Be Able to Obtain: TS/SCI
Potential for Remote Work: No Remote
Benefits: Click here

Share: mail

Job Description

Description

SAIC is seeking an Incident Response Analyst with an active TS/SCI to work onsite with our customer at Fort Liberty, NC. This position is for future proposal work. 

The Comprehensive Cyber Support Services II (CCSS II). CCSS II is a SAIC Prime DoD contract that supports Marine Corps Forces Cyberspace Command. Team SAIC delivers high impact subject matter expertise to help solve complex operational challenges the Marine Corps faces in this dynamic domain of warfare. Our SMEs cover the spectrum from All Source Intelligence Analysts, full spectrum CO Planners, CND/IR, and OCO mission management. 

The CND/IR Analyst shall identify, collect, and analyze network and host data, and report events or incidents that occur or might occur within a network to mitigate immediate and potential network and host threats.

The individual shall perform computer network defense (CND) incident triage, to include:

  • Determining urgency, and potential impact;
  • Identifying the specific vulnerability; and making recommendations that enable expeditious remediation;
  • Perform initial, forensically sound collection of images and inspect to determine mitigation/remediation on enterprise systems;
  • Perform real-time computer network defense (CND) incident handling (e. g., forensic collection, intrusion correlation/tracking, threat analysis, and direct system remediation) task to support Incident Response Teams, receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, and track and document computer network defense (CND) incidents from initial detection through final resolution;
  • Employ defense-in-depth principles and practices, collect intrusion artifacts (e.g., source code, malware, and Trojans) and use discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise; 
  • Assist with analysis of actions taken by malicious actors to determine initial infection vectors, establish a timeline of activity and any data loss associated with incidents;
  • Provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities and to make recommendations enabling remediation;
  • Ideal candidate would have scripting experience such as Python and PowerShell.  

Qualifications

Required education and experience:

  • Bachelors and five (5) years or more experience; or a Master's and three (3) years of experience; additional years of experience may be substituted in lieu of degree.

Required skills:

  • Must have strong CND experience with Incident Response expertise. 
  • Strong drive for continuous learning.

Required certification:

  • Must have or be able to obtain an IAT Level III certification within six (6) months of hire.

Required clearance:

  • Must have an active TS/SCI security clearance.

Desired Skills:

  • Scripting experience such as Python & PowerShell. Additional experience in writing code is highly desirable.
  • Expertise with the SOCOM Enterprise is highly desirable.
  • IAT Level III certification (CISSP, CASP+ CE, GCED, GCIH, CISA, CCNP Security).
  • OSCP and/or OSCE.
  • CPT, CMF, JFHQ-C or Service Cyber Component experience beneficial.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

Overview

SAIC® is a premier Fortune 500® technology integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.

We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.

Share: mail

Are you an SAIC Employee?

Please apply through the internal career site here >