**Cyber Security Analyst, Operations Watch Incident Response Analyst
North Charleston, SC
Minimum Secret to Start, requires TS SCI
Position Description**
As an Operations Watch Analyst, you will isolate, investigate, inform, and implement measures to detect and protect data across a wide spectrum of sources and locations. The candidate is required to validate suspicious events or reports and determine if the event constitutes an incident. The candidate will ensure incidents are properly entered into the appropriate reporting system and determine the severity of the incident. Reporting and response measures will be taken immediately in order to satisfy the Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510\.01B reporting requirements.
Position Requirements And Duties
Maintains familiarity with CJCSM 6510\.01B.
Compiles and maintains internal standard operating procedure (SOP) documentation.
Ensures associated documentation and capabilities remain compliant with CJCSM 6510\.01B and other applicable policy directives.
Provides network intrusion detection and monitoring, correlation analysis, incident response and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites.
Validates suspicious events or reports and determine if the event constitutes an incident and properly enter associated data into the appropriate reporting systems.
Coordinates with JFHQ\-DoDIN and supported entities regarding significant incidents to ensure proper analysis is performed and timely and accurate reporting of the incident is completed.
Provides 24x7 support for the CSSP’s Incident Response capability during non\-core business hours consistent with CSSP requirements as needed.
Performs network and host\-based digital forensics on Microsoft Windows based systems and other operating systems as necessary to enhance response to, support of, and investigation into significant network incidents.
Possesses working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.).
Explores patterns in network and system activity via log correlation using Splunk and supplemental tools
Possesses understanding of IDS/IPS solutions to include signature development and implementation
Participates in program reviews, product evaluations, and onsite certification evaluations.
Overtime may be required as needed to support incident response actions (Surge)
Due to the nature of the work required, operations are conducted 24/7/365 with three primary shifts. Choice of shifts will be made available with the understanding that placement is at the discretion of the CSSP Services Director and/or assigned manager.
This position requires a shift of four (4\) ten\-hour days per week, which includes one weekend day. Example schedules may include Wednesday to Saturday or Sunday to Wednesday.
Minimum Qualifications
US Citizen
Bachelor’s degree in a relevant discipline OR at least three years of directly relevant experience, preferably in a DoD environment.
Up to 15% global travel may be required; emergency travel may be required with 72\-hour notice for incident response and to support other program needs.
Preferred Qualifications
At least five years of incident response experience
The ability to solve problems independently
Knowledge of Incident Response Procedures
Knowledge of Packet Analysis
Knowledge of IDS/IPS solutions
Familiarity with various Host\-Based Tool
Experience with Log Aggregation Tools
Logical thinking and analytical ability
Verbal and written communication ability
Highly Desired Skills
Knowledge of CJCSM 6510\.01B
Experience with Digital Forensics
The ability to solve problems independently
Required Certifications
IATII and CSSP Compliant Certifications
Company Overview
Adapt Forward is a cybersecurity solutions provider for some of the nation’s most valuable information systems. Leveraging advanced threat assessment technology and experience in building high\-level information security infrastructure, we develop adaptive solutions uniquely tailored to our customers’ business objectives to protect sensitive data against sophisticated threats in an increasingly complex security environment.
Summary Of Benefits
Comprehensive Physical Wellness Package, including Medical, Dental, Vision Care, plus Flexible Spending Accounts for health\- and dependent\-care are included in our standard benefits plan.
401k Retirement Plan with Matching Contribution is immediately available and vested.
Annual Training Budget to be used for conference attendance, school enrollment, certification programs, and associated travel expenses.
Eleven Federal Holidays, plus three weeks of PTO/vacation/sick leave that accrues at a rate of ten hours per month.
Employee Assistance Program: Counseling/legal assistance and other employee well\-being programs are also offered.
Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities.