Cyber Security Incident Response Analyst
Bethesda, MD

Job Description

Job Description

Triumph Enterprises is currently looking for a Cyber Security Incident Response Analyst to join a cyber security operations team on a contract with a federal government client with an important mission.  This role will afford an opportunity to work with a great team while serving a fulfilling mission.

Beyond the required technical expertise (outlined below), the applicant must be resourceful, detail oriented, and 100% client focused, with a continuing passion for the profession. The rewards of joining Triumph Enterprises will include competitive compensation, exceptional benefits, matching 401K, and professional/training development allowances beyond larger competitors.

Responsibilities

* Monitor, triage, and prioritize events, alerts and tips for further investigation
* Investigate events, alerts and tips to determine if an incident has occurred
* Investigate network traffic for potential security incidents using
* Sensor data
* Packet captures (occasional)


* Coordinate the response for confirmed security incidents, to include efforts to contain, remediate, recover, and prevent
* Escalate to Enterprise Network Defense Analysts for more complex, deep, or lengthy investigations.
* Maintain situational awareness and keep current with cyber security news and threat actor Tactics, Techniques, and Procedures (TTPs)
* Document investigations using tickets, incident reports, etc.
* Support the production of effective situational awareness products with relevant metrics and visualizations for key constituents and leadership

Qualifications / Requirements

* Three or more years of work experience with at least one of those specialized in cyber security
* BA or BS degree (additional years of experience in cyber security reduce this educational requirement)
* Sound cyber security knowledge foundation, to include understanding of:
* Computer and network technology fundamentals
* Network security
* Host security
* Security tools and technologies



Experience, Skills and Abilities:

* High technical ability/aptitude, demonstrated through prior technical experience and accomplishment
* Critical thinking skills
* Analytic skills and experience
* Strong teamwork and collaboration skills
* Good written and verbal communication skills
* Ability to pass a security clearance background investigation
* Ability to work independently
* Ability to work on occasional weekends and holidays

Preferred Qualifications:

* Certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, etc)
* Experience in a cyber security operational environment
* Security clearance
* Knowledge and experience using an incident response framework
* Experience with SIEM tools
* Programming or scripting experience
* Server and/or application administration experience

Company Overview

Triumph is an employee-owned information technology (IT) company specializing in Program Management, Administrative Services, and Network and IT Support Services. Incorporated in Virginia in 2005, Triumph has risen to meet the Federal Government's growing need for mission-critical

Cybersecurity, Business Intelligence, Analytics, Data Visualization; and Program Management expertise and cultivated a track record of success. Our pursuit of excellence is driven by an emphasis on Client Focus, Integrity, Imagination, and Employee Engagement - the Core Values that motivate and inspire our leadership, business practices, and company culture.

Triumph participates in e-Verify. We provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 Form to confirm work authorization. Triumph is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status or any other status defined by law. Go to www.triumph-enterprises.com to learn more about Triumph.