CSOC Tier 2 Analyst (24x7x365)

Public Trust: None

Requisition Type: Pipeline

Your Impact

Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by using your expertise to protect our country from threats.

Job Description

CSOS Analyst Tier 2

Provide CSOC Tier 2 services, which is 24x7x365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents. CSOC Tier 2 services includes malware and implant analysis, and forensic artifact handling and analysis. When a CIRT is stood up, all contractors in support of CSOC Tier 2 services will be under the direct control of, and take direction from, the Government CIRT Commander. While not in a period of incident response, the Contractor shall conduct continuous exercises and dry runs to improve response outcomes in the event of a cyber-incident. All Contractor personnel performing CSOC Tier 2 services shall have or obtain, within six months of start, a certification that is compliant with DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder.

Job Duties:

• Coordinate and implement tasks, performing analysis, and building/documenting response activities required during cyber security incident response
• Coordinates with Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), to perform advanced investigation and triage of incidents.
• Categorizes incidents and events.
  
• Builds timelines, documents, briefings, and other products as required and the impact of both adversary activity and blue force response actions.
• Documents actions taken and analysis in the authorized ticketing system
• Develops, maintains, sustains, and when properly authorized by the Government executes custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events.

Job Requirements:

• Bachelor’s Degree and 8 years’ experience in Cyber Security (CSOS)
• Active TS/SCI, ability to obtain a Polygraph.

• DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder.
• Provides input to and coordinates with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report,
• Serve as C-IRT members as required.
• Develop and coordinate courses of action with various Government and contract stakeholders,
• Performs digital media analysis and malware reverse engineering
• Develops, documents, and provides to the Government incident investigation reports
• Conduct Quality Control reviews each week

Preferred Qualifications:

• IAT III

Work Requirements

Years of Experience

8 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

Certified Incident Management Professional - Service Managers.org - Service Managers.org

Travel Required

None

Citizenship

U.S. Citizenship Required