View all jobs

Security Engineer III

Camp Arifjan, Kuwait
Intermedia group has the following open position with our client:

title:                Security Engineer III
location:         Kuwait
Clearance:     Top Secret
Visa status:     Candidate MUST possess a current Kuwaiti work authorization 

Required Certification(s): DOD 8570 CNDSP Incident Responder certification

This contract effort provides non-personal defensive cyberspace operations support to the Defensive Cyberspace Operations Division (DCOD), U.S. Army Regional Cyber Center – Southwest Asia (USARCC-SWA). The DCOD environment includes any hardware, software, application, tool, system, or network used by the Government, whether developed, leased, or commercially purchased. Work includes current and new systems at various lifecycle stages, and any future applications/systems not currently identified. DCO services are required to defend against unauthorized activity on all Army assets residing on the NIPRNet, SIPRNet, CENTRIXS, JWICS, and any authorized CENTCOM Coalition computer network. This includes activities from external hackers who may attempt to gain unauthorized access, insider threats attempts for unauthorized access, and policy violations that may impact network security and operations. Work is required to continue performance during peace, crisis, hostilities, and war operations.
  • Lead team of security analysts as the senior analyst on staff
  • Capture and perform initial analysis on captured volatile data, log data, captured network traffic data, etc. to identify any immediate intrusion related artifacts which in turn will allow immediate defensive countermeasures to be implemented.
  • Develop necessary procedures or scripts to identify such data.
  • Immediately upon capture of volatile data and/or power down of each individual system, in conjunction with Army Cyberspace Operations and Integration Center/Forensic Malware Analysis/Regional Cyber Center (ACOIC|FMA|RCC) request, coordinate the shipment of original forensic evidence (hard drive, USB drive, etc.) to ACOIC G33 DCO FMA for forensic imaging.
  • Individual files identified or suspected of being malicious will be sent by e-mail in one of several formats to the G33 DCO FMA distribution list, who will in turn analyze the files by automated malicious code analysis and/or by static analysis/dynamic analysis/reverse engineering performed by G33 DCO FMA malware analysts.
  • Works and interacts with other DCO professionals internal and external to Army Cyber Command, with Law Enforcement and Counter Intelligence LNO's, and intelligence professionals as a technical specialist to understand higher-level adversary capability.
  • Document, update and enhance processes and procedures by producing training materials, standards documents and reports.
Supervisory Duties: 
  • Supervise, mentor, and coach a team of 5 security analysts
Education and Certifications:
  • Bachelors Degree with appropriate IAT III certification and associated Continuing Education Certification.
  • Experience in Packet Capture and analysis
  • Requires applicable DOD 8570 CNDSP Incident Responder certification
Background Needed and Years of Experience:
  • 5+ Years of Experience with a solid background in Defensive Cyber Operations
Must Have Technical Skills: 
  • Possess in-depth knowledge, experience, and certifications with any commercial computer incident triage tools such as: CCIU LogCollector, EnCase Enterprise / Cybersecurity, AccessData eDiscovery, Mandiant Redline, Tanium, etc.
Preferred Technical Skills:
  • Full working knowledge and experience with all Windows OS platforms including: Windows 7/8/10, Server 2K3/2K8/2012/2016, etc.

If you are interested please contact:
Zeke Goulbourne
Director of Business Development – Government Solutions


Steve Fleischner
Intermedia Group, Inc.

(212) 248-0100
Powered by