Enterprise Incident Response Architect
San Diego, CA

Job Description

Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America.

RMC is hiring a full-time Enterprise Incident Response Architect to support IT and cyber incident response in San Diego, California. The selected candidate will:

* Perform incident response and forensic analysis on compromised systems utilizing EnCase Enterprise, SANS SIFT, and other related digital forensic and incident response tools
* Assist with coordination efforts with law enforcement and other government entities for the purposes of distributing digital evidence and forensic data, and performing other incident response activities
* Generate incident and forensic reports as directed
* Develop, test, and maintain the Incident Response (IR) architecture, including the creation and maintenance of a secure virtual environment to allow for the operation of enterprise forensic software and the storage of forensic evidence and malicious code
* Create, test, and maintain a forensic tool software suite for incident responder workstations
* Analyze malware and develop signatures for distributi on to other components of the Network Security team and external agencies
* Interface with Network Security Team members for dissemination of incident information

A Bachelor's Degree in STEM AND eight (8) years of cyber security work experience is required.

Three (3) years of demonstrated experience in Incident Response, or Malware Reverse Engineering, or Computer Forensics is required. Four (4) years of demonstrated experience in implementing and maintaining secure virtualized environments that comply with DoD security requirements is required. Two (2) years of demonstrat ed experience in managing secure storage systems is required. Two (2) years of demonstrated experience in VLAN and firewall management is required. EC-Council Certified Ethical Hacker (CEH) certification is required.

One (1) of the following commercial certifications is required:

* CompTIA Security + (SY0-301)
* International Information Systems Security Certification Consortium (ISC2) Certified Authorization Professional (CAP)
* CompTIA Advanced Security Practitioner (CASP)
* Information Systems Audit and Control Association (ISACA) Certified Information Security Manager (CISM)
* ISC2 Certified Information Systems Security Professional (CISSP)
* Global Information Assurance Certification (GIAC) Security Leadership Certification (GSLC)

Two (2) of the following commercial certifications are required:

* Microsoft Certified Technology Specialist (MCTS): Windows Server 2008 Active Directory, Configuring - Server 2008 (70-640)
* MCTS: Windows Server 2008 Network Infrastructure, Configuring - Server 2008 (70-642)
* Installing and Configuring Windows Server 2012 - Server 2012 (70-410)
* Administering Windows Server 2012 - Server 2012 (70-411);

OR

One (1) of the following commercial certifications is required:

* Microsoft Certified IT Professional (MCITP): Enterprise Administrator on Windows Server 2008 - MCITP (Enterprise Administrator)
* MCITP: Server Administrator on Windows Server 2008 - MCITP (Server Administrator)
* Microsoft Certified Systems Administrator (MCSA)
* Microsoft Certified Systems Engineer (MCSE 2012)

One (1) of the following commercial certifications is required:

* Linux Professional Institute (LPI) Advanced Level Linux Professional Certification- LPIC-2
* Oracle Certified Professional - Oracle Solaris Systems Administrator (OCP-OSSA)
* Red Hat Certified Engineer (RHCE)
* Red Hat Certified System Administrator (RHCSA)
* Sun Certified Network Administrator (Oracle Solaris) (SCNA)
* Sun Certified System Administrator (Oracle Solaris) (SCSA)
* CompTIA Linux+
* LPI - Senior Level Linux Professional Certification (LPIC-3)
* Oracle Certified Expert - Oracle Solaris System Administrator (OCE-OSSA)
* Red Hat Certified Datacenter Specialist (RHCDS)

Security Clearance: An active DoD security clearance is required to start. Applicant selected may be subject to a security investigation and must meet eligibility requirements for access to classified information.

RMC is an equal opportunity employer. All qualified women, minorities, individuals with disabilities and veterans are encouraged to apply for RMC job vacancies. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability status, protected veteran status, or any other characteristic protected by law.