Title: US Lead Incident Responder
Ref No.: 17-15189
Location: Herndon, Virginia
Duration: 4 Months
  • Provide backup to the SOC manager, as required.
  • Respond to and remediate all assigned incidents within the timeframes required by IR SLAs
  • Document workflows and standard operating procedures
  • Lead High- and Medium-severity incidents across multiple cross-functional teams leveraging various tools/applications
  • Analyze network traffic and various log data to determine the threat/impact against the network, recommend appropriate countermeasures, and assess damage
  • Efficiently facilitate and expedite the tracking, handling, and reporting of all security events and computer incidents
  • Evaluate and perform incident escalation in accordance with incident response procedures
  • Work with other team members to ensure an effective and efficient cyber incident management system
  • Ensure all pertinent information is obtained so that identification, categorization, incident handling, and triage can occur in a time-sensitive environment
  • Provide effective communications to team and department cyber-security personnel regarding cyber incidents and possible countermeasures
  • Remediate security incidents and apply lessons learned
  • Identify poor security practices and recommend appropriate countermeasures
  • Create, update, and finalize workflows and internal documentation
  • Collect and analyze network activity for anomalies that could indicate potential threats from current and former employees, contractors, and/or partners
  • Previous supervisor or lead experience preferred
  • Previous CIRT/NOC/SOC incident management experience required
  • Solid understanding of industry-standard policies, processes, and procedures covering incident, problem, and change management
  • Previous CIRT/NOC/SOC experience implementing and managing trouble ticket assignments and escalation policies required
  • Must be able to multitask, work in a fast-paced environment, and participate in security incident remediation as needed
  • Solid understanding of:
      o Security threats and vulnerabilities
      o Security technologies and countermeasures
      o Firewall technologies
      o Web applications and their uses
      o TCP/IP networking concepts
      o Windows and UNIX/Linux operating environments
      o Database vulnerabilities and countermeasures
      o Logging and SIEM solutions