Cyber Incident Responder – Fusion

Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction

All positions require active TS/SCI clearance with CI Poly unless otherwise noted.

Job Description

• The successful applicant should be expected to identify potential cyber threats, determine levels of risk, and produce analytical reports for a variety of audiences. You will occasionally be required to present your findings in front of senior executives, so the ability to translate technical indicators into layperson’s terms is vital.
• Outstanding problem-solving skills are essential. When serious threats are identified, you will work closely with other areas of the security team to identify appropriate solutions. You must be passionate about technology, and able to learn the ropes of new security solutions rapidly.
• Indicators of Compromise (IOC)s will be obtained through: forensic analysis of digital information, Open Source Intel (OSINT) review/monitoring, available tools both customer provided and free, and pivoting/researching on previously reported IOCs.
• Must have common knowledge of standard network infrastructure.
• Other items that would be good to know include: domain masquerading, certificates, and file hashing.
• Familiar with monitoring emerging threats through Tools, Techniques, and Procedures (TTPs) and how they relate to the MITRE ATT&CK framework
• Participate in collaborative sessions with other CNDSPs and IC agencies on malicious intrusions, attacks, or suspicious activities, as well as share emerging Cyber Threat Intel data.
• Assist in the development of IOCs for active defensive countermeasures and passive detection signatures.
• Good written communications skills are necessary in order to properly document and report the identification and sharing of newly identified IOCs.
• Attention to detail and ability to work with team-members and independently.
• Security+ CE or other DoD 8570 baseline certification prior to employment.
• DoD 8570 IAT II certification as well as a DoD 8570 CSSP Infrastructure certification. Viable certifications that meet this requirement are CEH, CySA+, GICSP, SSCP, CHFI or
  CFR.