Incident Response Analyst

Job Description

Description

SAIC is seeking an Incident Response Analyst with an active TS/SCI to work onsite with our customer at Fort Liberty, NC. This position is for future proposal work. 

The Comprehensive Cyber Support Services II (CCSS II). CCSS II is a SAIC Prime DoD contract that supports Marine Corps Forces Cyberspace Command. Team SAIC delivers high impact subject matter expertise to help solve complex operational challenges the Marine Corps faces in this dynamic domain of warfare. Our SMEs cover the spectrum from All Source Intelligence Analysts, full spectrum CO Planners, CND/IR, and OCO mission management. 

The CND/IR Analyst shall identify, collect, and analyze network and host data, and report events or incidents that occur or might occur within a network to mitigate immediate and potential network and host threats.

The individual shall perform computer network defense (CND) incident triage, to include:

• Determining urgency, and potential impact;
• Identifying the specific vulnerability; and making recommendations that enable expeditious remediation;
• Perform initial, forensically sound collection of images and inspect to determine mitigation/remediation on enterprise systems;
• Perform real-time computer network defense (CND) incident handling (e. g., forensic collection, intrusion correlation/tracking, threat analysis, and direct system remediation) task to support Incident Response Teams, receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, and track and document computer network defense (CND) incidents from initial detection through final resolution;
• Employ defense-in-depth principles and practices, collect intrusion artifacts (e.g., source code, malware, and Trojans) and use discovered data to enable mitigation of potential computer network defense (CND) incidents within the enterprise; 
• Assist with analysis of actions taken by malicious actors to determine initial infection vectors, establish a timeline of activity and any data loss associated with incidents;
• Provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities and to make recommendations enabling remediation;
• Ideal candidate would have scripting experience such as Python and PowerShell.  

Qualifications

Required education and experience:

• Bachelors and five (5) years or more experience; or a Master's and three (3) years of experience; additional years of experience may be substituted in lieu of degree.

Required skills:

• Must have strong CND experience with Incident Response expertise. 
• Strong drive for continuous learning.

Required certification:

• Must have or be able to obtain an IAT Level III certification within six (6) months of hire.

Required clearance:

• Must have an active TS/SCI security clearance.

Desired Skills:

• Scripting experience such as Python & PowerShell. Additional experience in writing code is highly desirable.
• Expertise with the SOCOM Enterprise is highly desirable.
• IAT Level III certification (CISSP, CASP+ CE, GCED, GCIH, CISA, CCNP Security).
• OSCP and/or OSCE.
• CPT, CMF, JFHQ-C or Service Cyber Component experience beneficial.

Overview

SAIC is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective and efficient solutions that are critical to achieving our customer's missions.

We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.9 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.