Incident Handler (DCO)
Location: Sierra Vista
Posted on: January 24, 2023
This position description is subject to change at any time as
needed to meet the requirements of the program or company.
The Defensive Cyber Operations (DCO) division within RCC-CONUS
(RCC-C) is looking for a candidate with strong scripting abilities,
experience with systems security administration, and network
security technologies. The Incident Handler will design, implement,
automate, maintain, and optimize measures protecting systems,
networks, and information.
Major Job Activities:
+ Detect, document, and report potential or confirmed incidents and
+ Analyze events utilizing Security Information Event Management
(SIEM) systems, Big Data Analytics, and other supporting platforms
+ Conduct incident handling actions in accordance with established
+ Coordinate and perform incident response investigations.
+ Conduct quality control of incidents and investigations to
maintain compliance with applicable policies.
+ Develop recommendations to enhance detection capabilities and
implement mitigation measures in response to general or specific
threats (attempted exploits, attacks, malware delivery, etc.).
+ Assist in designing and integrating custom rules and reports
within data collection platforms.
+ Prepare technical summaries and briefings.
+ Provide technical expertise regarding the defense of information
systems and networks.
+ Correlate event data to create situational awareness and trend
Material & Equipment Directly Used:
+ Basic Office Equipment.
+ Normal office environment.
+ May require support during periods of non-traditional working
hours including nights or weekends.
Must be able to lift/push/pull 40 lbs. unassisted.
Education / Certifications:
+ IAT Level II Baseline Certification: CCNA Security, CySA+, GICSP,
GSEC, Security+ CE, CND, SSCP.
+ GIAC Certified Incident Handler (GCIH).
+ Bachelor of Science (BS) Degree.
+ ITIL v4 Foundation certification desired upon hire, required
within three months of hiring date.
+ U.S. citizenship is required.
+ Active TS/SCI (Top Secret/Sensitive Compartmentalized
Experience / Skills:
+ Five (5) years applicable experience working with various data
(network and system) technologies, with a minimum of two (2) years
focused on information systems security incident handling and SIEM
+ Excellent interpersonal, organization, writing, communicating,
and briefing skills.
+ Excellent analytical and problem-solving skills.
+ Must have a firm understanding of government cyber and incident
policies and directives.
+ Microsoft Office Products, Microsoft SharePoint, BMC Remedy, SIEM
systems, various analyzing tools.
Supervisory / Budget Responsibilities:
Acts in a technical based supervisory capacity.
We are committed to an inclusive and diverse workplace that values
and supports the contributions of each individual. This commitment
along with our common Vision and Values of Integrity, Respect, and
Responsibility, allows us to leverage differences, encourage
innovation and expand our success in the global marketplace.
Vectrus is an Equal Opportunity /Affirmative Action Employer. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, age, sex, national origin,
protected veteran status or status as an individual with a