CyberSecurity Detection and Incident Response Engineer / Cyber Engineer

Location: Arlington, VA

Must have an active Top Secret clearance

Node is supporting a U.S. Government customer on a large mission-critical development and sustainment program to design, build, deliver, and operate a network operations environment, including introducing new cyber capabilities to address emerging threats.

In support of the customer’s strategic direction, Node is looking for a qualified Cyber Security Detection and Incident Response Engineer who can support our customer in the detection, response, mitigation, and reporting of cyber threats affecting the client networks, and who will provide direct leadership to small detection and response teams during normal shift operations. The SOC team provides 24/7 continuous security monitoring, cyber investigation, and incident response for all systems that fall within their assigned environments.

Responsibilities:

  • May perform Shift Lead duties and serve as the primary POC representing the CIRT during planning and coordination meetings.
  • May be asked to identify or develop performance reports and performance metrics.
  • Provide hands-on support in the detection, response, mitigation, and reporting of cyber threats affecting client networks.
  • Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations.
  • Help the customer posture itself to aggressively investigate cyber activity targeting customer information and its information infrastructure.
  • Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions.
  • Develop course curriculum, hands-on demonstrations, written exam material, and presentations designed to teach cybersecurity concepts to more junior personnel.
  • May be asked to lead a team during Incident Response/security investigations in hybrid cloud and on-premises environments.
  • Actively participate in the SOC mentorship and continuous education programs to increase the technical capability of CIRT leadership and analysts at all skill levels.

Requirements

Required Skills:

  • U.S. Citizenship
  • Must have an active current Top Secret clearance with SCI eligibility.
  • Must be able to obtain DHS Suitability
  • 8+ years of directly relevant experience
  • 3+ years of experience as a detection analyst, security incident response analyst, threat hunter, penetration tester, or forensic investigator in cloud and/or on-premises environments.
  • 2+ years of professional experience working with AWS or Azure infrastructure and services in a security-focused role.
  • Advanced knowledge of AWS & Azure architectural concepts.
  • Experience engineering, operating, and managing layered security and SIEM integration.
  • Demonstrated experience handling incidents across multiple operating systems.
  • Excellent written and oral communication skills.
  • Must be willing to lead from the front:
    o Participate in the training and mentorship program as a mentor, mentee, and continuous trainee.
    o Volunteer to be a mentor for at least one employee on the contract.
    o Meet or continuously work toward attaining CIRT skill level 2 certification.
  • Must be willing to work on designated shifts and to report on-site as required by prime contractor or customer requirements.

Desired Skills:

  • Experience supporting DHS, Federal Civil, Intelligence, and/or DoD Customers
  • Working knowledge of the Open Systems Interconnection (OSI) network protocol stack, including major protocols such as IPv4, IPv6, Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Simple Mail Transfer Protocol (SMTP), Hypertext Transfer Protocol (HTTP), HTTP/2, HTTPS, Server Message Block (SMB)/Common Internet File System (CIFS), Secure Sockets Layer/Transport Layer Security (SSL/TLS), Remote Desktop Protocol (RDP), and Lightweight Directory Access Protocol (LDAP).
  • Understanding of how web applications, email applications, and other common internet-facing applications work.
  • Understanding of modern, distributed authentication and access control mechanisms and architectures such as SAML, OAuth, and ADFS.
  • Working knowledge of common networking services such as network address translation (NAT), DHCP, DNS, and network time protocol (NTP).
  • Hands-on understanding of using major cloud service providers such as Amazon AWS, Microsoft Azure, or Google Cloud as well as an understanding of how to configure, secure, and monitor systems and data in these environments.
  • Experience working on a Computer Incident Response Team (CIRT) or working in a SOC.
  • Previous experience as a systems administrator in a Windows or Linux environment or working knowledge of command line (Windows or Linux).
  • Virtualization technologies, e.g., VMware, Hyper-V, etc.
  • Ability to write basic to intermediate scripts in Python, PowerShell, or Bash to interrogate a system as part of a security investigation.
  • “Big Data” analysis systems, e.g., Splunk, ELK, etc.

Required Education:

  • A bachelor’s degree in cybersecurity, security operations, computer science, or a related specialized area; or a High School Diploma and 18 years of relevant experience.

Desired Certifications:

  • Baseline Security Certification: one or more of the following certifications: Security+, CASP, CCNA Security, GSEC, or SSCP.
  • Job Specific Certifications: two or more of the following technical certifications: CySA+, GCIH, CCTHP, Security Blue Team Level 2 (BTL2), or OffSec SOC-200.
  • Splunk and/or AWS certifications are highly desirable.

Company Overview:

    Node Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.

    Our Core Values help us in our mission. They include:

    • Identifying the RIGHT PEOPLE and developing them to their full capabilities.
    • Our customer’s “Mission” is our “Mission”. Our MISSION FIRST approach is designed to keep our customers fully engaged while becoming their trusted partner.
    • We believe in SIMPLIFYING complex problems with a relentless focus on agile delivery excellence.
    • Our mantra is “Simple*Secure*Speed” in the delivery of innovative services and solutions.

    Benefits:

    • Medical (100% Coverage for Employee)
    • Dental
    • Vision
    • Basic Life (100% Coverage for Employee)
    • Health Saving Account
    • 401K
    • Three weeks of PTO
    • 10 Paid Holidays
    • Pre-Approved Online Training