Information System Security Analyst - Principal II
Location: Pensacola, FL
Must have an active Top Secret Security Clearance
The Deputy Cyber Incident Response Team (CIRT) Managerensures exceptional service for managed services customers and helps drive employee engagement for CIRT staff members. They will help coordinate the daily activities of CIRT staff; orient, train, and mentor staff; monitor incident management queues; address client escalation issues; and interface with clients as needed.
The CIRT Deputy Manager is expected to be process-oriented and accountable for the overall success of the CIRT’s Cyber Defense Mission.
Responsibilities include:
• Support managing CIRT team consisting of up to 30 cyber defense analysts providing cyber detection, incident response, and recovery coordination services to the customer.
• Lead activities and technical direction of CIRT staff to diagnose and resolve client enterprise cyber alerts
• Field escalated customer issues and resolve or refer to specialized experts as needed
• Monitor and report the status of tickets and other cyber defense tasks assigned to the CIRT and ensure items are coordinated, logged, tracked, and resolved appropriately.
• Provide input on process improvements and contribute to the technology roadmap for the strategic plan.
• Perform metrics trend analysis and reporting; guide resultant process improvement.
• Communicate policies, expectations, and feedback to CIRT staff
• Facilitate a high-performance team environment and employee engagement
• Guide and coordinate projects requiring scheduling
• Contribute to the development, communication, and implementation of policies, procedures, best practices, recommendations, and guidelines for standards.
• Conduct individual meetings with team members to address performance and training needs, set expectations, and facilitate a 2-way dialogue regarding the team members’ experience
• Other duties as assigned and required.
Requirements
Required Skills:
• Must be a U.S. Citizen
• This position requires an active Top Secret security clearance with SCI eligibility.
• Must be able to obtain DHS suitability prior to starting employment.
• 10+ years of directly relevant experience
• Computer Emergency Response Team (CERT/CIRT) hands-on experience
• Current experience with network intrusion detection and response operations (Protect, Defend, Respond, and Sustain procedures)
• Hands-on experience in the detection, response, mitigation, and/or reporting of cyber attacks affecting client networks
• Computer network surveillance/monitoring
• Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
• Familiar with System log analysis, computer evidence seizure, computer forensic analysis, and data recovery
• Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
• Excellent verbal and written communication skills
• Efficient delegation and task prioritization
• Ability to interview and select employees in accordance with company guidelines and EEOC commitments
• Ability to coordinate and facilitate staff training
• Ability to provide feedback, coach employee performance, and effectively implement disciplinary action as needed
• Ability to manage and resolve conflicts as they arise
• Demonstrated ability to document processes
• The ability to respond to crises efficiently and objectively
• Proficiency with MS Office Applications
• Must be able to work collaboratively across agencies and physical locations
Desired Skills:
• Current experience with Splunk
• Experience supporting DHS, Federal Civil, Intelligence, and/or DoD Customers
• Computer Forensics experience
• Malware reverse engineering experience
• Experience with Risk and Opportunity management
• Scripting experience (python, Perl, etc.)
• Experience with process development and deployment
• Prior experience with data visualization products such as Analyst Notebook
• Prior experience working in one of the following highly desired:
• DOD/FED Cyber Intel organization
• DCIO/MCIO, with Cyber Counterintelligence focus
Desired Certifications:
• DoDI 8570.01-M IAT Level 2
• Additional technical CND response certification (CEH, GCIH, GCIA, OSDA SOC-200 or GNFA)
Education amp; Experience:
•Bachelor’s degree OR eight (8) years of related experience with a Master’s degree.</