Cyber Security Engineering Specialist III
Quadrant, Inc., Springfield, VA, United States
Cybersecurity Engineering Specialist III — Springfield, VA — Pay From: $65.00 per hour
Must
Active TS/SCI Clearance with ability to obtain a polygraph
Experienced Cybersecurity Engineering Specialist
6+ years in cybersecurity or CSOC environment
Compliance with DoD 8140.01 and DoD 8570.01-M requirements
Proven experience in cybersecurity operations, incident response, or CSOC environments
Strong understanding of defensive cyber operations and internal defensive measures (DCO-IDM)
Experience with digital forensics, including analysis of host, server, and network data
Familiarity with malware analysis and/or reverse engineering techniques
Ability to analyze both volatile and non‑volatile system data during incident investigations
Experience developing incident reports, including timelines, root cause analysis, and remediation recommendations
Strong analytical, problem‑solving, and documentation skills
Ability to collaborate effectively with government and contract stakeholders in a high‑security environment
CSSP Incident Responder certification or relevant hands‑on incident response experience
IAT Level II certification required
Bachelor's degree in Cyber Security, Information Technology, or a related field, or equivalent experience
Duties
Provides input to and coordinates with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report
Coordinate and implement tasks, performing analysis, and building/documenting response activities required during cyber security incident response, including but not limited to actions such as implementing containment measures, IP blocks, domain blocks, and disabling user accounts on the direction of the Government
Coordinates with Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), in addition to other law enforcement and counterintelligence personnel as required to perform advanced investigation and triage of incidents
Collaborates with appropriate authorities in the production of security incident reports
Categorizes incidents and events
Coordinates with other contracts, organizations, activities, and other services as appropriate to ensure incidents are properly reported, contained, and eradicated
Coordinates to de‑conflict blue/red team activity with open incidents/events
Coordinates to ensure NGA recovers from an incident/event
Builds timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions
Documents actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed; develops and, when approved by the Government, generates and updates reports in the Joint Incident Management System (JIMS), Incident Case Management System (ICMS), and/or other authorized reporting systems as directed
Develops, maintains, sustains, and when properly authorized by the Government, executes custom scripts, tools, and capabilities to collect and analyze data, and respond to incidents/events
Performs digital media analysis on host, server, and network data as required to analyze and respond to an incident, including but not limited to volatile and non‑volatile memory and/or system artifact collection and analysis
Develop and identify indicators of compromise to send to Cybersecurity stakeholders and other Contract Services
Provides adversary attribution
Performs malware analysis and signature development
Coordinate with CSOC Tier 1 and 2 services to remediate all discrepancies and provide recommendations to prevent reoccurrence
Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability. Healthcare benefits are offered to all eligible employees according to compliance mandated by the Affordable Care Act.
#J-18808-Ljbffr
Must
Active TS/SCI Clearance with ability to obtain a polygraph
Experienced Cybersecurity Engineering Specialist
6+ years in cybersecurity or CSOC environment
Compliance with DoD 8140.01 and DoD 8570.01-M requirements
Proven experience in cybersecurity operations, incident response, or CSOC environments
Strong understanding of defensive cyber operations and internal defensive measures (DCO-IDM)
Experience with digital forensics, including analysis of host, server, and network data
Familiarity with malware analysis and/or reverse engineering techniques
Ability to analyze both volatile and non‑volatile system data during incident investigations
Experience developing incident reports, including timelines, root cause analysis, and remediation recommendations
Strong analytical, problem‑solving, and documentation skills
Ability to collaborate effectively with government and contract stakeholders in a high‑security environment
CSSP Incident Responder certification or relevant hands‑on incident response experience
IAT Level II certification required
Bachelor's degree in Cyber Security, Information Technology, or a related field, or equivalent experience
Duties
Provides input to and coordinates with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report
Coordinate and implement tasks, performing analysis, and building/documenting response activities required during cyber security incident response, including but not limited to actions such as implementing containment measures, IP blocks, domain blocks, and disabling user accounts on the direction of the Government
Coordinates with Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), in addition to other law enforcement and counterintelligence personnel as required to perform advanced investigation and triage of incidents
Collaborates with appropriate authorities in the production of security incident reports
Categorizes incidents and events
Coordinates with other contracts, organizations, activities, and other services as appropriate to ensure incidents are properly reported, contained, and eradicated
Coordinates to de‑conflict blue/red team activity with open incidents/events
Coordinates to ensure NGA recovers from an incident/event
Builds timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions
Documents actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed; develops and, when approved by the Government, generates and updates reports in the Joint Incident Management System (JIMS), Incident Case Management System (ICMS), and/or other authorized reporting systems as directed
Develops, maintains, sustains, and when properly authorized by the Government, executes custom scripts, tools, and capabilities to collect and analyze data, and respond to incidents/events
Performs digital media analysis on host, server, and network data as required to analyze and respond to an incident, including but not limited to volatile and non‑volatile memory and/or system artifact collection and analysis
Develop and identify indicators of compromise to send to Cybersecurity stakeholders and other Contract Services
Provides adversary attribution
Performs malware analysis and signature development
Coordinate with CSOC Tier 1 and 2 services to remediate all discrepancies and provide recommendations to prevent reoccurrence
Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability. Healthcare benefits are offered to all eligible employees according to compliance mandated by the Affordable Care Act.
#J-18808-Ljbffr