Join our Talent Network >

Security Incident Response (IR) Team Lead

This job posting is no longer active.

Job ID: 205765
Location: WASHINGTON, DC, United States
Date Posted: Aug 24, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: Yes

Share: mail

Job Description

Description

As the Security Incident Response Team Lead you will directly support the security operations staff by providing oversight, guidance, and mentorship to a 5-8 person team of security analysts.  In this player/coach role, you will manage and mentor security incident response staff who will apply technical and analytical skills to investigate and handle intrusions, malicious activities, potential insider threats, and perform incident response.
Responsibilities include but not limited to
• Manage the relationship with the customer
• Provide weekly and monthly reports on Security Incident Response team activities 
• Determine staffing requirements: guiding recruitment, hiring, training, development, and retention of highly qualified team members
• Foster innovation, creativity, collaboration, and professional growth of the team
• Maintain strong standards, and promote productivity, accountability and high morale
• Oversee training and exercises to ensure team proficiency
• Influence and improve upon existing processes through innovation and operational change
• Develop and support strategic plans and projects to meet SOC goals and objectives
• Participate in “after action” reviews to identify lessons learned and best practices
• Regularly review standard operating procedures and protocols to ensure team continues to effectively meet requirements
• Evaluate existing technical capabilities and systems and identify opportunities for improvement
• Ensure the team is providing excellent customer service and support

Remote work may be an option for this position but will first require written approval by the COR

Qualifications

REQUIRED:

Bachelor’s degree in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, Information Systems, etc.

• 8+ years of security operations technical experience preferably in security incident response capacity
• Must possess either GIAC Certified Enterprise Defender (GCED) or GIAC Defending Advanced Threats (GDAT).
• Experience responding to APT or FIN actor
• Experience working in fast paced environments, and ability manage workload even during times of stress or escalated activity
• Enthusiastic to be active in the training, coaching, and development of the team members
• Experience with developing and maintaining metrics
• Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility
• Track record of creative problem solving, and the desire to create and build new processes
• Strong time management and multitasking skills as well as attention to detail
• In-depth understanding of security architectures and devices
• Strong understanding of root causes of malware infections and proactive mitigation
• Strong understanding of lateral movement, footholds, and data exfiltration techniques
• Comfortable with impromptu tasking and loosely defined requirements
• Strong analytical and investigation skills
• Excellent oral and written communications skills
• Ability to think strategically in implementing overall task and responsibilities of the team
• Ability to turn high-level goals into actionable steps and develop a roadmap to achieve the goals
• Ability to mentor and coach less experienced security analysts. Providing techniques and strategies to dig deeper into investigations
• Extensive Incident Response leadership experience
• Experience developing and writing processes and procedures for Security IR team

No clearance required to start work.  You will be required to undergo SEC background check once employed.

DESIRED:

Experience working with U. S. Securities and Exchange Commission is desired but not required.

Preferred Qualifications:
• Master’s degree in Information Security or related field
• Multiple relevant security certifications (such as: CISSP, GCIA, GCIH, GREM, CEH)
• Experience with one or more scripting languages, e.g., Python, JavaScript, Perl.
• Forensics experience
• Experience as a government contractor



Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability

Share: mail

Similar Jobs

Cyber Security Engineer - Mid

FORT MEADE, MD, United States
Cyber

Cyber Security Analyst

FORT BELVOIR, VA, United States
Cyber

Cyberspace Intelligence Analyst III

FORT MEADE, MD, United States
Cyber

Sr. Cyber Security Engineer

FORT MEADE, MD, United States
Cyber

Cyberspace Subject Matter Expert

FORT MEADE, MD, United States
Cyber

Principal Joint Operations Planner for Cyberspace

FORT MEADE, MD, United States
Cyber

Cyber Eng/Archt Chief

WASHINGTON DC, DC, United States
Cyber

Cyberspace Intelligence Analyst II

FORT MEADE, MD, United States
Cyber

Security Tools Administrator

WASHINGTON, DC, United States
Cyber

Senior Security Tools Administrator

WASHINGTON, DC, United States
Cyber

Sr. Cyber Security Analyst

ARLINGTON, VA, United States
Cyber

Senior Information Systems Security Engineer (ISSE)

ANNAPOLIS JUNCTION, MD, United States
Cyber

Principal Cyber Security Analyst

RESTON, VA, United States
Cyber

Cyberspace Joint Operations Planner III

FORT MEADE, MD, United States
Cyber

Computer Network Defense/Incident Response Analyst

FORT MEADE, MD, United States
Cyber

Nessus Scanning Administrator

WASHINGTON, DC, United States
Cyber

Cyber Operations Specialist Principal

FORT MEADE, MD, United States
Cyber

Cyberspace Analyst II

FORT MEADE, MD, United States
Cyber

Information System Security Manager

CHANTILLY, VA, United States
Cyber

Cyber Security Analyst

RESTON, VA, United States
Cyber

Splunk Administrator

WASHINGTON, DC, United States
Cyber

Information Systems Security Officer

FORT MEADE, MD, United States
Cyber

Senior ISSO

RESTON, VA, United States
Cyber