
Cyber Incident Handler

Job in Fort Huachuca, Cochise County, Arizona, 85670, USA
Listing for: Peraton
Full Time position
Listed on 2025-12-25
Job specializations:
  • IT/Tech
    Cybersecurity, Network Security
Job Description & How to Apply Below
Location: Fort Huachuca

Cyber Defense Incident Responder (Intermediate)

6 years w/o BS/BA, 2 years w/BS/BA, 0 years w/Masters OR.

Certifications & Credentials
  • CEH(P), ECIH, GRID, RCCE Level 1, CBROPS, CCSP
  • CEH, Cloud+, FITSP-O, GCED, GCIH, GSEC
  • Pen Test+, Security+
Responsibilities

Secure Division Support. The GCC provides CSSP responsibilities and conducts DODIN Operations and DCO – Internal Defensive Measures (IDM) to protect the DODIN IAW the DoDM 8530.01 and the DoD Cybersecurity Services Evaluator Scoring Metrics (ESM). These responsibilities are broken into five (5) CSSP functions: Identify, Protect, Detect, Respond, and Recover. GCC is responsible to conduct these functions for its assigned portion of the DODIN for both unclassified and classified networks/systems.

The division provides support services for the protection, monitoring, analysis, detection, and response to unauthorized activity within the DoD Information Systems and Networks.

DCO-IDM services are required to defend against unauthorized activity on all Army assets residing on the NIPRNet and SIPRNet.

The division provides defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction.

The division provides sensor management and event analysis and response for network and host-based events. For sensor management, the division provides management of in-line Network Intrusion Protection System/Network Intrusion Detection System (NIPS/NIDS) sensors monitoring all CONUS DoDIN-A NIPRNet and SIPRNet Enterprise traffic to detect sensor outages and activities that attempt to compromise the confidentiality, integrity, or availability of the network. In coordination with GCC Operations, DCO initiates defensive security procedures upon detection of these attacks.

Event analysis and response include the processes involved with reducing multiple cyber incidents to actual malicious threat determinations and mitigating those threats IAW guidance received from GCC Government leadership. Support the Government in providing services for CSSP services on both the NIPRNet and SIPRNet IAW Appendix E:
Secure Division Workload Assessment in support of the CONUS portion of the DoDIN-A. Develop reports and products, both current and long-term, in support of CSSP and course of action development. Prepare Tactics, Techniques, and Procedures (TTP), SOPs, Executive Summary (EXSUMS), trip reports, and information/point papers. Contribute during the preparation of agreements, policy, and guidance documentation such as Memorandums of Understanding / Agreement (MOU/A), Service Level Agreements (SLA).

  • Threat and Data Analysis. Perform the following threat and data analysis functions:
  • Analyze, correlate, and trend anomalous cyber events and incidents: analyze and correlate anomalous events identified in SIEM systems, Big Data Analytics, and supporting devices/applications.
  • Conduct open-source research to identify commercial exploits or vulnerabilities (i.e., Zero-Day) requiring CSSP actions. The Contractor shall identify current Army detection capabilities (Host Based Security System (HBSS), IDS/IPS, etc.) for new or potential threat activity.
  • Report and facilitate the correction of issues with correlation tools and data feeds.
  • Participate in the ARCYBER signature working groups and upload to the portal, allowing for signature development and standardization across all RCCs.
  • Create, recommend, or refine TTPs as appropriate or requested.
  • Conduct cyber threat analysis and hunting utilizing proactive and iterative approaches to search all supported networks to detect and isolate advanced threats that may evade existing security solutions.
  • Examine threat intelligence from DoD and public sources to identify threats that are relevant within the AOR.
  • Provide recommendations and operational impact assessments of identified domains to increase the likelihood of identifying advanced intruders and malicious software in supported networks.
  • Conduct Cyber Analysis missions that include items such as examining information systems, network devices, and endpoints for indicators of compromise and network activity via a plethora of network…