Tier 3 Incident Response Senior Analyst

RMC is hiring a Tier 3 Incident Response Senior Analyst to support an active government contract in Quantico, Virginia, providing defensive cyberspace operations and Cyber Security Service Provider (CSSP) functions. This position will support the government's mission to deny, disrupt, and degrade adversaries’ abilities and attempts to disrupt, exploit and attack the information technology (IT) services provided to network users. 

The selected applicant will perform a variety of activities including but not limited to:

• Collect and analyze network and host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and mitigation of cyber threats within the Enterprise Network through the investigation process.
• Conduct forensic analysis of device timeline, device memory, file systems, and packet captures (pcap) - Digital Forensics & Incident Response (DFIR).
• Manage and document cyber defense incidents from initial detection through final resolution.
• Perform quality assurance on routine cyber incident reporting to ensure accuracy and compliance to policies and procedures.
• Make recommendations for alert tuning and creation of new detection use cases from information gathered during response to new techniques observed on the network.
• Mentor junior analysts and guide them through the investigation process as necessary.
• Develop and refine curriculum for the supported customer's Incident Response Course.
• Assist in instructing an Incident Response Course.

Requirements

• Three years of incident response experience.
• Active TS/SCI (DoD TOP SECRET clearance with Sensitive Compartmented Information access) eligibility is required. Applicant selected will be subject to security investigation(s) and must maintain eligibility requirements for access to classified information. Candidate can begin supporting this position with a fully adjudicated DoD Secret clearance.
• Associate's degree in a Computer Science, Information Technology, Information Systems, or Computer Engineering field; OR five (5) years of relatable work experience.
• DoD 8570 IAT Level II certification.
• DoD 8570 CSSP Incident Responder certification (or be able to obtain within 180 days).

Schedule: M-F, 5 X 8, between 7:00am EST and 5:00pm EST, normally not to exceed 40 hours per week.

This position may require extended or non-standard hours occasionally to support major cyber incidents. This position is considered essential and may be required to report during hazardous weather, power outages, fuel shortages, pandemics, and other emergencies.

Benefits

At RMC, we're committed to your career growth! RMC differentiates itself from other firms through its investment in our employees. We invest our resources to train, certify, educate, and build our employees.

RMC can offer you a great place to work with a small company feel and give you the experience, tuition assistance, and certifications that will take your career to the next level. We offer Monday to Friday full-time day shift work, and can assist in paid relocation. This also includes a competitive paid vacation package with 11 paid federal holidays. Additionally, we also offer high-quality, low-deductible healthcare plans, pet insurance, and a competitive 401K package.

“Salary at RMC is determined by various factors, including but not limited to location, a candidate's specific combination of education, knowledge, skills, competencies, and experience, as well as contract-specific requirements. The current salary range for this position will be $135,000.00 to $150,000.00 annually.”

#LI-LL1