Intermedia Group, a Defense and Intelligence Community staffing firm, has a client-based opening for the following:
Job Title: Info Defense Engineer III w TS SCI Clearance
Location: Arlington, VA
Clearance Level: Active DoD TS/SCI
Required Certification(s): IAT-III - Must have at least one of the following: CISSP, CASP, CISA, GCED or GCIH
The Information Defense (ID) Engineer provides advanced Cybersecurity operational support by evaluating, adapting, and developing new methods for detection and mitigation of threats to DARPA information systems.
Monitors the client information infrastructure for cyber threats.
Gathers, analyzes, and generates technical cyber intelligence.
Provides advanced technical support and analysis during incidents.
Provides cyber counterintelligence (CI) capabilities in support of investigative CI activities.
Understands nation state/threat actor TTP attack vectors.
Develops and institutes custom defensive countermeasures.
Maintains an unattributable network infrastructure.
Coordinates with Security Operations Center (SOC) personnel to identify, contain, and respond to information security incidents.
Provides a conduit for information sharing on cyber threats between the client, US Government agencies, and, at limited capacity, Government contractors.
Conducts incident response and reporting in accordance with CJCSM 6510.01B.
Provides mentorship to more junior security team members.
QUALIFICATIONS:
Education and Certifications:
BS degree in Computer Science or related field and/or 5+ years equivalent work experience.
Must meet DOD 8570.01-M certification requirements for IAT-III: Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP), Certified Information Systems Auditor (CISA), GIAC Certified Enterprise Defender (GCED), or GIAC Certified Incident Handler (GCIH).
Background Needed and Years of Experience:
Five or more years of technical experience in the information security field.
Expert understanding of common networking protocols such as HTTP, DNS, and SMB.
Fundamental understanding of Linux and Windows operating systems.
Expert-level experience with analyzing network, firewall, IPS, and system logs.
Possesses a forensic, malware analysis and reversing, PCAP analytics, or programming background.
Hands-on experience with endpoint security tools to include Carbon Black.
Experienced in red team/penetration testing/vulnerability exploitation.
Performs internal user activity monitoring in support of the insider threat program.
Ability to work both independently and as part of a team.
Ability to research and evaluate technologies for fulfilling newly identified security gaps.
Possession of excellent oral and written communication skills.
Possession of analytical and critical thinking skills.