Incident Response Engineer Array Information Technology, Inc
Rockville, MD

Job Description

Incident Response Engineer

Job Responsibilities:

* Participate in an operation that monitors for and responds to security events on our client's networks, including working with external entities, where necessary
* Respond to information security incidents, including internal and external events and targeted threats
* Develop internal tools used to respond to incidents (e.g., forensic toolkits) or recommend the purchase of specific tools to support our client's unique environment
* Identify and execute on projects that improve our incident detection and response capabilities
* Prepare recommendations, including language where appropriate, for updates to or creation of incident response procedures
* Primary point person for written/verbal communications associated with the Incident Response Life Cycle at all levels. as a member of the "Enterprise Information Security Office (EISO) Cyber Security Incident Response Team whose mission it is to provide rapid, accurate, and effective identification containment, and remediation of cyber intrusions into our client's network
* Must have verifiable experience as being agile, willing to learn, ability to teach others and capable of thinking outside the box in order to operate effectively in an ever changing threat landscape

Qualifications:

* Must have academic knowledge and practical experience of no less than five (5) years' in the following areas:
* Incident Response Workflow/Processes - experienced in utilizing and adhering to defined workflow and processes driving the Incident Response identification/mitigation/remediation efforts within a Security Operation Center
* Technical Analysis Participation - experienced in participating in the identification of impacted systems to determine impact, scope, and priority determination
* Documentation/Artifacts Collection - experienced in collecting supporting information and/or relevant artifacts from Incident Response Team members regarding Incident Response activities
* Cyber Threat Documentation - experienced in documenting cyber threat analysis results and subsequent remediation/recovery in an effective and consistent manner
* Incident Response Escalation/Handoff - experienced in escalating and appropriately handing off to team members and leadership based on defined threat and priority determination
* IT Help Desk Tools - experience working with IT Helpdesk Tools, preferably Remedyforce and/or Zendesk


* Process/Procedure Optimization - experienced in recommending solutions to optimize both technical and process/procedural aspects of the end to end incident response life cycle
* Communication/Presentation Skills - experience in working in a highly collaborative environment communicating in appropriate written and verbal formats at all levels to include but not limited to peer, business partner and executive management
* The Incident Response Analyst contractor should possess working knowledge (defined as the ability to understand how to make something work without any deeper understanding of why it works, or of how to fix it if it breaks) of the following:
* Network Fundamentals - no less than three (3) years of experience in the basic concepts of computer networking from an enterprise information security perspective
* Log File Analysis - experience in utilizing log files from a variety of sources to include host logs, network traffic logs, firewall logs, and/or intrusion prevention logs as part of the Incident Response life cycle


* Incident Detection/Response Tools - experience in working as part of a teams in the use of Incident Detection/Response Tools such as Splunk, SNORT IDS, Alien Vault SIEM, Kali Linux, Nmap, and/or Wireshark
* Advanced Threat - experience in demonstrating understanding of attack signatures, tactics, techniques, and procedures associated with advanced threats

Array Information Technology, Inc., is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.