Respond Team Lead

General Dynamics IT has an opening for a NOAA Respond Team Lead with strong communication and technical skills who will provide cybersecurity monitoring and situational awareness across the National Oceanic and Atmospheric Administration (NOAA) Computer Incident Response Team (N-CIRT).

The NOAA N-CIRT is NOAA's formal incident response team that responds to computer security incidents.

This includes identifying if a computer security incident has taken place and, if so, what countermeasures need to be deployed to defend, contain, and recover from an incident.

The NOAA N-CIRT:



  • Provides the trained personnel, processes, and procedures to maintain and augment the operations that enable the N-CIRT.

  • Acts as an agent of the government to respond to computer security incidents.

    This includes identifying if a computer security incident has taken place and, if so, what countermeasures need to be deployed to defend, contain, and recover from an incident.

  • Provides qualified staff to NOAA to act as the first-line defenders for all confirmed cyber incidents throughout the agency.

    This effort will include but is not limited to manning the central N-CIRT phones, monitoring the N-CIRT email box, and preparing situational awareness reports for agency management.

    In FY17, N-CIRT processed over 2,000 incident responses and over 5,000 security triage events for incident handlers.

  • Acts as the central reporting unit regarding all confirmed cybersecurity incidents to the ESOC-IR Team.

  • Provides trained staff to support the equipment needed for mobile device forensics to protect and defend loaner mobile devices while on foreign travel.

  • Provides qualified staff for malware analysis and reporting for the agency.

  • Schedules and holds monthly cybersecurity information sharing meetings to facilitate proactive information sharing for all NOAA Information Security teams.

  • Helps organizations within NOAA obtain the capabilities to identify computer security measures that support an organization's goals and impose minimal, if any, impact on the users.



The candidate must be a US Citizen and be able to obtain Department of Commerce vetting clearance.

Specific roles & responsibilities for the position include, but are not limited to, the following:



  • Performs Computer Security Incident Response activities for a large organization and coordinates with other government agencies to record and report incidents.

  • Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation.

  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.

  • Evaluates firewall change requests and assesses organizational risk.

  • Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.

  • Assists with implementation of counter-measures or mitigating controls.

  • Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

  • Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.

  • Prepares incident reports of analysis methodology and results.

  • Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.

  • Serves as a technical team or task leader.

  • Maintains current knowledge of relevant technology as assigned.

  • Participates in special projects as required.


Candidates must be willing to submit resumes to be included in the final proposal submission.

Employment is contingent upon contract award.

Education:



  • Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.


Qualifications:



  • 8-10 years of related experience in data security administration, including supervisory experience.

  • Certification(s) Desired: CISSP, ITIL

  • Familiarity with the tasks and technology such as the following: Security Incident Response, Digital Forensics Investigation, Security Advisory Service, Form 47-43 Database maintenance, Malicious Email Scanning, Malware Analysis


Additional Desired Experience:



  • Five (5) years of current experience in 24x7x365 network security monitoring operations of similar IT environments.

  • Five (5) years of current experience in managing network security monitoring, detection, and analysis tools, to include IDS, IPS, DLP, SIEM, etc.

  • Five (5) years of working knowledge of network protocols, enterprise architecture, and network security systems and products.

  • Five (5) years of technical task management and supervisory experience.

  • Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.

  • Experience developing and conducting detailed, technical, and hands-on training.

  • Demonstrated analytical and communications skills.

  • Experience with scripting and development tools including, but not limited to: PowerShell, VBScript, Perl, Ruby, or Python.

  • Advanced knowledge of data security administration principles, methods, and techniques.

  • Effective supervisory skills.

  • Certification in one or more specific technologies.

  • Familiarity with domain structures, user authentication, and digital signatures.

  • Understanding of firewall theory and configuration.

  • Requires understanding of DHS/DoD policies and procedures, such as FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.




As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action employer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.




