Incident Handler (DCO)
Company: Vectrus
Location: Sierra Vista
Posted on: January 24, 2023
Job Description:
Overview
This position description is subject to change at any time as
needed to meet the requirements of the program or company.
The Defensive Cyber Operations (DCO) division within RCC-CONUS
(RCC-C) is looking for a candidate with strong scripting abilities,
experience with systems security administration, and network
security technologies. The Incident Handler will design, implement,
automate, maintain, and optimize measures protecting systems,
networks, and information.
Responsibilities
Major Job Activities:
+ Detect, document, and report potential or confirmed incidents and
security issues.
+ Analyze events utilizing Security Information Event Management
(SIEM) systems, Big Data Analytics, and other supporting platforms
or applications.
+ Conduct incident handling actions in accordance with established
procedures.
+ Coordinate and perform incident response investigations.
+ Conduct quality control of incidents and investigations to
maintain compliance with applicable policies.
+ Develop recommendations to enhance detection capabilities and
implement mitigation measures in response to general or specific
threats (attempted exploits, attacks, malware delivery, etc.).
+ Assist in designing and integrating custom rules and reports
within data collection platforms.
+ Prepare technical summaries and briefings.
+ Provide technical expertise regarding the defense of information
systems and networks.
+ Correlate event data to create situational awareness and trend
analysis reports.
Material & Equipment Directly Used:
+ Basic Office Equipment.
Working Environment:
+ Normal office environment.
+ May require support during periods of non-traditional working
hours including nights or weekends.
Physical Activities:
Must be able to lift/push/pull 40 lbs. unassisted.
Qualifications
Minimum Qualifications:
Education / Certifications:
+ IAT Level II Baseline Certification: CCNA Security, CySA+, GICSP,
GSEC, Security+ CE, CND, SSCP.
+ GIAC Certified Incident Handler (GCIH).
+ Bachelor of Science (BS) Degree.
+ ITIL v4 Foundation certification desired upon hire, required
within three months of hiring date.
+ U.S. citizenship is required.
+ Active TS/SCI (Top Secret/Sensitive Compartmentalized
Information).
Experience / Skills:
+ Five (5) years applicable experience working with various data
(network and system) technologies, with a minimum of two (2) years
focused on information systems security incident handling and SIEM
event analysis.
+ Excellent interpersonal, organization, writing, communicating,
and briefing skills.
+ Excellent analytical and problem-solving skills.
+ Must have a firm understanding of government cyber and incident
policies and directives.
+ Microsoft Office Products, Microsoft SharePoint, BMC Remedy, SIEM
systems, various analyzing tools.
Supervisory / Budget Responsibilities:
Acts in a technical based supervisory capacity.
We are committed to an inclusive and diverse workplace that values
and supports the contributions of each individual. This commitment
along with our common Vision and Values of Integrity, Respect, and
Responsibility, allows us to leverage differences, encourage
innovation and expand our success in the global marketplace.
Vectrus is an Equal Opportunity / Affirmative Action Employer. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, age, sex, national origin,
protected veteran status or status as an individual with a
disability. EOE/Minority/Female/Disabled/Veteran.
Keywords: Vectrus, Sierra Vista, Incident Handler (DCO), Other, Sierra Vista, Arizona