Job Description:
• Support the Incident Response lifecycle by triaging and investigating detections and taking action as appropriate (e.g. live response, containment, escalation)
• Develop detection criteria across a broad range of technologies and log sources
• Identify coverage and efficiency gaps in available data and tooling
• Provide information security reporting including security metrics as required
• Participate in incident response and manage escalations as needed
• Provide after-hours support on an on-demand basis
• Drive efficient process development and documentation for all aspects of the Incident Response lifecycle
Requirements:
• Experience responding to security events from hacktivist, cybercrime, and APT activity, including front-line analysis and escalation
• Theoretical and practical knowledge of Mac, Linux, and Windows operating systems
• Theoretical and practical knowledge of TCP/IP networking and application-layer protocols
• Experience with access/application/system log analysis, IDS/IPS alerting and data flow, and SIEM-based workflows
• Experience with security data collection, processing, and correlation
• Current Active Duty Service Member
• Available to participate for 90-180 days
• This role is only open to US citizens and Green Card holders.
Benefits:
• SkillBridge Program under Dept. of Defense Instruction 1322.29
• Continuous military wages and benefits during participation