Job Summary:
We are seeking a skilled and experienced Cybersecurity Engineer with a strong background in Incident Response, Security Operations Center (SOC) operations, and knowledge of compliance frameworks such as FISMA, FIPS, SAP, or PPSM. The ideal candidate will be responsible for protecting the organizationβs information systems by identifying, mitigating, and managing security incidents, as well as ensuring compliance with federal cybersecurity standards. This role involves collaboration with internal teams to enhance security posture, conduct in-depth incident investigations, and provide actionable insights to bolster defenses. This position requires an active Secret clearance or higher.
Responsibilities:
- Incident Response:
- Lead and coordinate incident response efforts to detect, analyze, contain, and remediate security incidents.
- Conduct forensic analysis, root cause identification, and provide post-incident reports with detailed remediation recommendations.
- Develop and maintain incident response playbooks and workflows in alignment with industry best practices.
- SOC Operations:
- Monitor and respond to alerts generated by security tools and systems, including SIEM platforms, IDS/IPS, endpoint protection, and network security appliances.
- Act as a primary escalation point for SOC analysts and provide guidance on complex incidents.
- Perform threat hunting, anomaly detection, and proactive monitoring to identify potential threats and vulnerabilities.
- Compliance and Regulatory Frameworks:
- Ensure the organizationβs security posture aligns with federal standards, including FISMA, FIPS, SAP, and PPSM.
- Collaborate with compliance and governance teams to meet auditing requirements and maintain necessary certifications.
- Develop, implement, and maintain policies and controls to ensure compliance with relevant cybersecurity standards.
- Threat Intelligence and Vulnerability Management:
- Integrate threat intelligence into incident response activities, improving detection and response capabilities.
- Participate in vulnerability assessments and coordinate patch management and remediation efforts with relevant IT teams.
- Stay informed about the latest threat vectors, vulnerabilities, and attack methodologies to continuously improve defenses.
- Documentation and Reporting:
- Generate reports and metrics for security incidents, vulnerabilities, and compliance adherence.
- Document and maintain cybersecurity policies, standard operating procedures (SOPs), and incident response playbooks.
- Conduct training and awareness sessions for the team on cybersecurity best practices and compliance requirements.
$120,000 - $160,000 a year