Incident Responder Security Clearance

Position: Incident Responder with Security Clearance
Job Title:

Incident Responder Job Category:
Information Technology Time Type:
Full time Minimum Clearance Required to Start: TS/SCI Employee Type:
Regular Percentage of

Travel Required:

Up to 10% Type of Travel:
Local *
*
* The Opportunity:

CACI is seeking a skilled and experienced Incident Responder (Level
2) to join our dynamic team to support a DoD client in Suitland, MD. The ideal candidate will have extensive experience in Computer Network Defense (CND), incident triage, incident reporting, and incident response and investigation. This role requires a proactive individual with strong analytical skills, excellent communication abilities, and a deep understanding of IT systems and networks. The Incident Responder will be responsible for managing the full incident lifecycle, from detection and analysis to containment, remediation, and recovery.

Responsibilities:
* Incident Management:

* Manage the full incident lifecycle, including detection, analysis, containment, remediation, and recovery.

* Triage, report, and respond to security incidents in a timely manner.

* Conduct incident and intrusion trend analysis to identify patterns and potential threats.

* Documentation and Reporting:

* Document incidents clearly and concisely, ensuring all relevant information is captured for future analysis and legal or compliance purposes.

* Prepare and present detailed incident reports and briefings to stakeholders.

* Security Classification and Spillage Cleanup:

* Interpret Security Classification Guides and apply classification markings/interpretations.

* Coordinate spillage cleanup activities to ensure data integrity and security.

* Threat Intelligence and Best Practices:

* Utilize threat intelligence to enhance incident response efforts.

* Develop and implement "best practices," manuals, and standard operating procedures based on Federal, DoD, IC, and industry standards.

* Collaboration and Stakeholder Management:

* Collaborate with technical teams to implement remediation measures to prevent recurrence of incidents.

* Coordinate with stakeholders to provide updates and recommendations for improving security practices based on post-incident analysis.

* Tool Utilization:

* Utilize incident tracking tools such as ticketing systems and case management platforms.

* Employ cybersecurity tools to investigate instances of alleged employee or external actor wrongdoing.

Qualifications:

Required:

* TS/SCI Security Clearance

* BA/BS in Computer Science, Information Technology, Information Assurance, or a related area of study desired.

* Without a degree, 8+ years of relevant professional experience in those fields is required.

* Must have 5+ years of concentrated experience in CND discipline.

* 3+ years of professional experience in incident triage, incident reporting, incident response and investigation, incident and intrusion trend analysis, interpreting Security Classification Guides and applying classification markings/interpretations, and spillage cleanup coordination.

* Effective interpersonal, organizational, time management, writing/documentation, and briefing skills with strong attention to detail.

* Strong analytical, conceptual, and problem-solving skills.

* Proven ability in communicating effectively and developing/presenting presentations.

* Ability to think outside the box by utilizing IT knowledge and cybersecurity tool output to investigate incidents.

* Proven ability in prioritizing, executing, and completing tasks with little to no direction in a high-pressure environment.

* Moderate experience utilizing Federal, DoD, IC, and industry standards in the creation of "best practices," manuals, and standard operating procedures.

* Moderate experience in the development and implementation of Incident Reporting, Response, and Remediation tactics, techniques, and procedures (TTPs).

* Moderate knowledge of policies and processes related to Computer Network Defense (CND) execution.

* Moderate knowledge of incident management lifecycle processes required for the identification, categorization, eradication, response, recovery, and mitigation of cybersecurity incidents and breaches.

* Moderate knowledge of common enterprise services such as…