Overview

The Cyber Defense Support Specialist works with security engineers and IT providers to test, implement, maintain, and administer the network’s cybersecurity defenses. The Cyber Defense Support Specialist is responsible for high level incident response and technical leadership.

The Cyber Defense Specialist position responsibilities include the following:

• Monitor and investigate network and system activity including, but not limited to; Intrusion Detection/Prevention Systems (IDS/IPS), firewall, web filter, Security Information, and Event Management (SIEM), host based endpoint detection and response tools for indication of compromise/attempted compromise.
• Perform advanced technical leadership in any major incident response or forensic event.
• Coordinate with Cyber Defense Team to manage and administer the updating of rules, alerts, and signatures on network sensors and endpoint protection platforms.
• Work and make recommendations on IT Cybersecurity related tasks or projects with IT and any third party solutions provider.
• Act as Subject Matter Expert (SME) for all toolsets used by the Cyber Security Operation Center staff.
  • Provide administration, documentation, and support for CSOC toolsets.
  • Provide and maintain documentation of network environment for CSOC staff.
  • Provide training on toolsets and environment for CSOC staff.
• Network with EBIT, IT Provider, and other various GD Business Units.
  • Attend weekly meetings with business partners.
  • Attend assigned Cybersecurity related project weekly/monthly meetings.
  • Share information with CSOC Staff, EBIT, Management, and IT Provider as needed.
• Perform or work with Red/Purple/Blue team level efforts.
  • Penetration Testing and Phishing/Social Engineering Exercises.
    • Work as a group internally with CSOC Staff and EBIT to test detections and response.
    • Work with 3rd party entities when necessary.
  • Document and make recommendations based off results of testing.
• Act as Cybersecurity technical lead on audits and tabletop exercises.
• Continually stay up-to-date on latest threats and vulnerabilities to anticipate and prevent future security breaches.

Skills

• The ability to assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
• The ability to troubleshoot and diagnose cyber defense infrastructure anomalies and work through resolution.
• The ability to apply cybersecurity and privacy principles to organizational requirements.
• The ability to work both in a team environment or independently.
• Strong interpersonal skills.
• Strong data analytical skills.
• Strong technical documentation skills.
• Strong critical thinking/time management skills.
• Proficient with multiple operating systems; Windows, Linux, iOS, Android.
• Proficient with Network and Cloud solutions and architecture.

Qualifications

 Required:

• 4 plus years of experience in the following areas:
  • Working knowledge of cyber defense and information security policies, procedures, and regulations.
  • Working knowledge of network and cloud security architecture concepts including topology, protocols, components, and principles.
  • Working knowledge of system, network, and OS hardening techniques.
  • Working knowledge of cyber threats and vulnerabilities.
  • Working knowledge of incident response and handling methodologies.
  • Writing advanced technical documentation.
• High School Diploma or equivalent
• Current active final DoD secret clearance 
• Current D664 employee

Preferred:

• Cybersecurity or Network Security Degree.
• CISSP, CEH, CySA+, Security+, Pentest+, Network+, and any other cyber security related certifications.
• Familiarity with Nessus (Tenable), IBM Qradar, Carbon Black, and Site Protector.
• Familiarity with Malware and Forensic Analysis tools.
• Familiarity with CISA, NIST, and DoD guidelines, practices and standards.
• Familiarity with the Open Systems Interconnection model (OSI).
• Proficient with scripting languages; preferably PowerShell, C, C+, Python, JavaScript, PHP, SQL, RegEx, etc.