Incident Handler – 4131/3192/21229-5652

Computer World Services (CWS) Corporation

This job was posted by https://www.azjobconnection.gov: For more
information, please see: https://www.azjobconnection.gov/jobs/6692694

Job Description

Computer World Services, Corporation (CWS) is seeking an exceptional
candidate to serve as Incident Handler-Senior for the US Army Regional
Cyber Center – Continental United States (RCC-CONUS) program
responsible for performing non-personal Information Technology (IT)
Services and support requirements. RCC-CONUS is responsible to operate,
manage, and defend the Army's NIPRNet and Secure Internet Protocol
Router Network (SIPRNet) CONUS portion of the GIG, and the NIPRNet and
SIPRNet DoDIN-A. The RCC-CONUS functions as part of a larger joint
environment, responding to the Theater Combatant Commanders, the
ARCYBER, and the Army Cyber Command's Army Cyberspace Operations and
Integration Center (ACOIC), which operates the GIG in support of
Department of Defense (DoD) operations around the world. Services
include Network and System Modernization, Cyber Defensive Operations,
Defensive Cyber Assessments, Defensive Cyber Infrastructure Support,
Threat & Data Analytics, DoDIN Operation Support, Network Management,
Systems Management, IT Lifecycle Management, IT Service Management
(ITSM), Portfolio/IT Investment Management, and Theater Operations and
Service Desk support.

The candidate will develop procedures for performing incident handling
and reporting, while setting guidelines for communicating with various
parties regarding the incidents. Responsible for leading security event
monitoring and correlation within a tiered Security Operations Center.
Proven experience and ability to leverage CND analyst toolsets to detect
and respond to IT security incidents.

Key Tasks and Responsibilities

– Proven experience and ability to leverage CND analyst toolsets to
detect and respond to IT security incidents.
– Ability to implement standard procedures for incident response
interfacing with Information Security Officer and IT staff.
– Conducts research and documents threats and their behavior, to include
monitoring external CSIRTs/CERTs.
– Provide recommendations to threat mitigation strategies.
– Employ effective web, email, and telephonic communications to
clearly manage security incident response procedures.
– Perform routine event reporting over time including trend reporting
and analysis.
– Experience required in security or network technology (Unix/Windows
OS, Cisco/Juniper Routing-Switching) within a hands-on
design/Implementation/Administration role.
– Demonstrates in-depth knowledge of TCP-IP protocol implementations
for all common network services in addition to demonstrated
capability to perform network packet analysis and anomaly detection.
– Responsible for leading security event monitoring and correlation
within a tiered Security Operations Center.
– Professionally certified, within a CND discipline, as Technical
Level III as defined by DODI 8570 is a requirement.

Education & Experience

– BA/BS or an MA/MS preferred from an accredited university
(required)
– Minimum of 12 years of related IT experience (required)
– Substitution Allowance (MA/MS with 10 years' experience can be
substituted for above requirements)

Certifications

– GIAC Certified Incident Handler, and IAT Level II Baseline
Certification

Security Clearance

– Top Secret clearance (Required)
– US Citizen or permanent resident

Other (Travel, Work Environment, Administrative Notes, etc.)

– Travel to CONUS and OCONUS locations to meet mission requirements
and undergo training may be required. The support outside Fort
Huachuca, AZ including OCONUS if required, will be designated as
TDY.

Computer World Services is an affirmative action and equal employment
opportunity employer. Current employees and/or qualified applicants will
receive consideration for employment without regard to race, color,
religion, sex, disability, age, sexual orientation, gender identity,
national origin, protected veteran status, genetic
information or any other characteristic protected by local, state, or
federal laws, rules, or regulations.

Computer World Services is c
