Title: Incident Response Analyst
Location: Crystal City, Arlington, VA
Clearance: Candidates must be US citizens able to obtain and/or maintain a Department of Defense Top Secret security clearance as a condition of employment
Shift: Core business hours, with slight flexibility
The Incident Response Analyst role provides an opportunity to work in a fast-paced, collaborative environment defending USAID from current and future cyber threats. This position plays a critical role in USAID’s enterprise computing defense. Analysts must be agile, willing to learn and teach others, and able to think outside the box in order to operate effectively in an ever-changing threat landscape.
- Utilizes and adheres to defined workflow and processes driving the Incident Response and mitigation efforts.
- Collects supporting information and/or relevant artifacts in support of Incident Response activities.
- Escalates and hands off to team members and leadership based on defined threat and priority determination.
- Conducts technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.
- Leverages Forensics tools, techniques, and capacities to support Cyber Incident Response activities.
- Documents results of cyber threat analysis and subsequent remediation and recovery in an effective and consistent manner.
- Executes the Incident Response lifecycle and coordinates remediation activities throughout the USAID enterprise.
- Recommends solutions to optimize both technical and process/procedure aspects of the end-to-end incident lifecycle.
- Writes technical articles for knowledge sharing.
You'll Need To Have:
- Bachelor’s degree or four or more years of work experience.
- Four or more years of relevant work experience.
- Security operations and/or Incident Handling experience.
- Related Certification (A+, Network+, Security+, CISSP, GCIH, GCFA, GCFE, GNFA, GREM). Information Assurance or Cyber Experience in the Telecommunications industry.
- Experience working in a Security Operations Center (SOC) with focus on Computer Network Defense (CND).
- Experience with dynamic and/or malware analysis.
- Experience in Cyber Intelligence or related disciplines.
- Experience with Enterprise Anti-Virus, IDS, Full Packet Capture and Host/Network Forensics Tools.
- Knowledge of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture.
- Experience executing various Incident Response Frameworks and Handling Procedures.
- Programming and scripting experience.
- Experience with Regex.
- Experience with Splunk ES.
- Strong knowledge of operating systems: Windows, Unix/Linux, and OSX.
- Experience and knowledge of cyber risks and threats related to cyber attackers.
- Strong communication and presentation skills along with the ability to work in a highly collaborative environment.
- Ability to exhibit initiative, follow up, and follow through with commitments.
- Strong relationship skills and collaborative style to enable success across multiple partners.
- Ability to manage multiple priorities in a dynamic environment.
- Effective organizational and technical skills.
- Effective verbal and written communication skills.
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178.