Lead Cyber Operations Countermeasures Engineer
August Schell has a current job opportunity for a Lead Cyber Operations Countermeasures Engineer on the DISA GSM-O program supporting the DISA Joint Operations Center (DJOC) Network Assurance embedded with DISA Headquarters, Fort Meade, MD. GSM-O provides network operations and cyber defense support to the Defense Information Systems Agency (DISA) in support of the Department of Defense (DoD) and Combatant Commands (COCOMs).
ROLE AND RESPONSIBILITIES
•Lead a team of Cyber Security professionals, including mentoring, assigning and reviewing work and planning/scheduling to ensure milestones are completed in accordance with the program work statement.
•Responsible for supervising four to five team members and follow guidance from government leadership. This includes correlating actionable security events and participating in the coordination of resources during the incident response process.
•Direct and track enterprise countermeasure actions and assess the effectiveness of countermeasures on an ongoing basis.
•Analyze high volumes of logs, network data (e.g. Netflow, PCAP), and other attack artifacts in support of incident investigations.
•Understand the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
•Collaborate with team members and Subject Matter Experts (SMEs) to create and validate countermeasures in accordance with (IAW) the DoDIN boundary defense posture.
•Maintain situational awareness of cyber activity by reviewing DoD, Intelligence Community and open source reporting for new vulnerabilities, malware or other threats that have the potential to impact the DoDIN.
•Bachelor’s degree from an accredited college in a related discipline and 8+ years of professional experience; additional related years of experience is accepted in lieu of a degree.
•Must have a DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent) to start and must obtain a CSSP-A certification within 180 days of start date.
•Proficient understanding of Cyber Network Defense (CND) in regards to protect, detect, respond and sustain within a Computer Incident Response organization.
•Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
•Must have an active TS/SCI clearance.
•Experience with DISA and DoD Networks.
•Experience with malware analysis concepts and methods.
•Advanced Certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP.
•Experience in intelligence driven defense and/or cyber Kill Chain methodology.
- Must be a US Citizen or have permanent residency status
- We seek out emerging technologies
- Align ourselves with progressive technology partners
- Provide our employees with challenging opportunities to unite the two.
- Comprehensive Medical Insurance
- Comprehensive Dental Insurance
- 401K Plan
- Tuition Reimbursement Plan
- Referral Bonus Program