Cyber Defense Incident Responder with Security Clearance - San Antonio Texas

Company: World Wide Technology
Location: San Antonio, Texas
Posted On: 04/17/2024

Why WWT? At World Wide Technology, we work together to make a new world happen.Our important work benefits our clients and partners as much as it does our people and communities across the globeWWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for AllWe achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clientsWWT was founded in 1990 in StLouis, MissouriWe employmore than10,000 peoplegloballyand closed nearly $20 billion in revenue in 2023We have an inclusive culture and believe our core values are the key to company and employee successWWT is proudto have been included onthe FORTUNE "100 Best Places to Work For -" list 12 years in a row! Want to work with highly motivated individuals on high-performance teams? Join WWT today! Why should you join the Government Services team? Our Government Services team provides cleared resources with a global reach to federal civilian, Department of Defense (DoD) and intelligence community marketsWe excel at delivering innovative, operationally ready, and cost-effective IT solutions that accelerate the interoperability and resiliency of mission critical systemsWant to learn more about Government Services? Check us out on our platform: https://www.wwt.com/public-sector https://www.wwt.com/government-services Location: San Antonio, TX Clearance Needed: TS/SCI What will you be doing? The Cyber Defense Incident Responder will analyze digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigationRESPONSIBILITIES:
* Coordinate and provide technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
* Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
* Coordinate incident response functions.
* Perform cyber defense trend analysis and reporting.
* Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
* Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
* Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.
* Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
* Perform cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
* All other duties Cyber security duties as defined by CSSPQUALIFICATIONS:
* 1-3 years of experience in network security, IDS alerts, firewalls, and analyzing traffic logs, and knowledge of computer networking concepts and protocols, and network security methodologies.
* Bachelor's Degree or Higher in Cybersecurity or related field
* Security Clearance: Top Secret/SCI with potential for higher read-ins.
* Must be IAT II certified (Security+)
* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
* Knowledge of cybersecurity principles.
* Knowledge of cyber threats and vulnerabilities.--- Knowledge of specific operational impacts of cybersecurity lapses.
* Knowledge of disaster recovery continuity of operations plans.
* Knowledge of how network services and protocols interact to provide network communications.
* Knowledge of incident categories, incident responses, and timelines for responses.
* Knowledge of incident response and handling methodologies.
* Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
* Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.
* Knowledge of cyber defense policies, procedures, and regulations.
* Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
* Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non- nation state sponsored], and third generation [nation state sponsored]).
* Knowledge of basic system administration, network, and operating system hardening techniques.
* Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation, or privileges, maintaining access, network exploitation, covering tracks).The well-being of WWT employees is essentialSo, when it comes to our benefits package, WWT has one of the bestWe offer the following benefits to all full-time employees:
* Health and Wellbeing: Heath, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
* Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
* Paid Time Off: PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavement
* Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount ProgramEqual Opportunity Employer Minorities/Women/Veterans/Individuals with Disabilities More...

Register an account with us and set up job agents! We'll email you immediately when jobs like this are posted on our site.