ProSync

  • Incident Handler (DCO) (RCC)

    ID: 2018-2495
    # of Openings: 1
    Category: Cyber Engineering and Operations
    Clearance Level: TS/SCI with Polygraph
    Location: US-AZ-Sierra Vista
    Posted: 9/21/2018
  • Overview

    ProSync is seeking an Incident Handler who can execute critical blocks within two hours of detection to mitigate ongoing threat activity and who can provide specific information involved with such practice. This position is pending contract award.

    Responsibilities

    Title of Position: Incident Handler (DCO)

      

    Description of Position:

    • Receive, document and report cybersecurity events.
    • Categorize incidents and implement corresponding escalation procedures.
    • Communicate and coordinate incident response efforts.
    • Conduct daily operational update meetings for staff and unscheduled situational update briefings for management.
    • Analyze reports to understand threat campaign techniques and lateral movement, and extract indicators of compromise (IOCs).
    • Provide telephone, e-mail and ticket service to customers.
    • Reference applicable departmental and operating administration policies in work products.
    • Access, secure and inspect local classified information processing areas.
    • Any other duties as requested by the Contracting Officer Representative and SOC management.

    Normal core operating hours are Monday through Friday between 0600 and 1700, with potential flex time (rotational shift work or on-call duties). Must be available to work weekends and holidays, as required.

    Qualifications

    Clearance Requirement:

    • This position will require U.S. citizenship and an active DoD TS/SCI clearance.
    • T5 investigation required.
    Education and Experience Required:
    • Eight (8) to ten (10) years with a high school diploma, six (6) to eight (8) years with an associate degree, four (4) to six (6) years with a bachelor's degree, or two (2) to four (4) years with a master's degree. A certificate may count as one (1) year of experience. Degrees must be relevant to the industry. Bachelor's in Computer Science, Electronics Engineering, Engineering, or related field preferred.
    • Minimum three (3) years of experience with network security.
    • Experience working in a 24/7 SOC environment, including shift work.
    • Experience in managing cases with enterprise SIEM and logging systems.
    • Excellent oral and written communication skills.
    • Experience with event escalation and reporting procedures and supporting network investigations.
    • Knowledge of TCP/IP communications and how common protocols and applications work at the network level.
    • Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies.
    • Ability to learn and adapt quickly.
    • Ability to demonstrate analytical expertise, strict attention to detail, and critical thinking, logic, and solution orientation.
    • Experience working in a 24/7 environment, including shift work.
    • DoD 8570.01-M required certifications: IAT II Baseline; CSSP-IR, GIAC Certified Incident Handler

    • CE Certification (Microsoft, Red Hat, Cisco, etc. or equivalent)

    • IT Level I (per Army AR-25-2)
    • ITIL® v3 Foundations Certified within first 3 months of hire

    ProSync's executive team creates and expands business opportunities, recruits talented and intelligent technology professionals, and fosters a company culture that empowers ProSync professionals to shape and mold the direction of their careers and the direction of ProSync.

       

    Employees of ProSync Technology Group, LLC and applicants for employment shall be afforded equal opportunity in all aspects of employment without regard to race, color, religion, political affiliation, national origin, disability, sex, age, or marital status.

       

    Email Staffing@prosync.com for more specifics regarding the position.
