Cyber Defense Team Lead (Secret) at Aegis Aerospace, Inc. in Huntsville, Alabama

Job Description:

Cyber Defense Team Lead (Secret)
Huntsville, AL

All candidates must have an active DoD Secret-level clearance or above.

This position is expected to pay $125,000.00 - $152,000.00 annually; depending on experience, education, and any certifications that are directly related to the position.

Resumes, in month and year format, must be submitted with application in order to be considered for the position.

Benefits
Aegis Aerospace offers a selection of competitive benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.

Additional Compensation
Aegis Aerospace may offer bonuses or other forms of compensation to certain job titles or levels, per internal policy or contractual designation. Additional compensation may be in the form of sign on bonus, relocation benefits, short term incentives or discretionary payments for exceptional performance.

Responsibilities
The candidate will:

• Provide Subject Matter Expert oversight and guidance on the MDA Cybersecurity Service Provider - Computer Emergency Response Team's (MDA CSSP-CERT's) Cyber Defense and Incident Response program and serve as the primary POC for customer decision points.
• Develop, instruct, and evaluate a Cyber Defense Analyst and Incident Response training plan in support of training and mentoring Jr, Mid, and Sr. Vulnerability Assessment Analyst
• Perform Defensive Cyber Operations (DCO)/CSSP duties outlined in Evaluator Scoring Metrics (ESM).
• Support the development, establishment, review, and update of DCO procedures, processes, manuals, and other documentation.
• Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
• Perform preliminary analysis, identification, and response actions to detect, characterize, and respond to cyber incidents IAW CJCSM 6510.01B
• Review data of ongoing intrusions or cybersecurity incidents and report, analyze, and document/report the findings in accordance with CJCSM 6510.01B guidelines.
• Properly document all steps in the incident response process while taking care to preserve and protect incident artifacts, evidence, and chain of custody
• Analyze correlated assets, threat, and vulnerability data against know adversary exploits and techniques to determine impact and improve network defensive posture.
• Leverage actionable Cyber Threat Intelligence data to search for indicators of compromise and develop SIEM content/ signatures to detect known attack patterns and make recommendations for improvements.
• Coordinate with CSSP-CERT subscribers to develop current configurations, rules, and signatures for cyber security related toolsets.
• Coordinate with CSSP-CERT subscribers to notify, investigate, and remediate discrepancies in security logging and CSSP-CERT alignment.
• Provide standardized and targeted training in support of CSSP-CERT subscriber cyber defense and incident response programs.
• Provide support to internal and external Insider threat, counterintelligence, and law enforcement agencies during cyber incidents / investigations.
• Create, update, and manage queries and dashboards pertaining to ArcSight and Elastic SIEM and related security tools.

Basic Requirements

• Must have an active DoD Secret-level security clearance
• Must be a US citizen
• Have a bachelor's degree in Cybersecurity, Computer Science, or related field
• Have in-depth knowledge of DoD policy regarding cybersecurity
• Have in-depth knowledge of best practices relating to SIEM architecture and operation
• Have familiarity with a wide array of boundary devices and their capabilities
• Have experience with most MS Office applications (Word, Excel, PowerPoint, and Visio)
• Be able to multi-task and prioritize various projects and assignments in a dynamic work environment to meet scheduled/ unscheduled customer requests
• Be willing to travel 25% of the time
• Be willing to work rotating shifts in a 24/7 operational environment and respond quickly to emergencies as needed

Desired Requirements

• Have a master's degree, or higher, in Cybersecurity, Computer Science or related field
• Have experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)
• Have experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc.
• Have experience performing security compliance scans across a WAN (ACAS/Nessus preferred)
• Have a background in configuration, troubleshooting, and deployment of host-based security (ESS preferred)
• Be able to mentor and train personnel in an evolving, high-paced environment
• Be familiar with DoD Security Operations Centers (SOC)
• Be familiar with DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures
• Have an active DoD Top Secret clearance

Aegis Aerospace is an Equal Opportunity Employer /M/F/disability/protected veteran employer.

PI259605594

Apply Now