Information System Security Analyst / Principal Computer Incident Response Technical (CIRT) leader

Location: Arlington, VA
Must have Top Secret Security Clearance

Node is supporting a U.S. Government customer on a large mission-critical development and sustainment program to design, build, deliver, and operate a network operations environment including introducing new cyber capabilities to address emerging threats.

Node is seeking a Principal Computer Incident Response Technical (CIRT) leader who can support our customers in leading a technical team through the detection, response, mitigation, and reporting of cyber threats affecting client networks.

Responsibilities include:
- Oversight and supervision of a 24 x 7 watch supporting continuous monitoring and incident response for hybrid cloud/on-prem customer networks
- Providing expert-level technical direction to the teams performing detection, response, mitigation, and reporting of cyber threats affecting customer networks
- Producing reports and briefs to provide an accurate depiction of the current threat landscape and associated risk based on customer, community, and open-source reporting
- Facilitating the customer's posturing to aggressively investigate cyber activity targeting customer information and its information infrastructure
- Analyzing and reporting cyber threats as well as assisting in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
- Providing leadership support during assigned shifts, including nights/weekends, with hybrid work on-site
- Developing and implementing training standards and procedures, including Work Instructions, Joint Qualification Requirements, and Standard Operating Procedures
- Overseeing the training of newly assigned analysts

Requirements

Required Skills:
- Must be a US Citizen
- Must have an active Top Secret clearance with an ability to obtain TS/SCI clearance
- Must be able to obtain DHS Suitability
- Exceptional oral and written communication
- 8+ years of directly relevant experience
- 4+ years leading incident response teams in a SOC or CSOC environment
- Must pass internal qualification requirements within specified time constraints
- Hands-on experience in a SOC performing the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
  - Experience in computer intrusion analysis and incident response
  - Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
  - Strong experience with Cyber Security Incident Response training
  - Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
  - Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
  - MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)

Desired Skills:
- Experience with cloud-based security
- Experience in computer evidence seizure, intrusion detection, computer/network forensic analysis, or data recovery
- Prior experience with SIEM Technologies (Splunk)
- Scripting experience (Linux/Windows command line, Python, Perl, etc.)
- Prior experience with data visualization products

Required Certifications (at least 2):
• DoDI 8570.01-M IAT Level II Technical Certification (Security+ CE, CCNA + Security, SSCP, CISSP) or equivalent AND an Incident Response Certification (CEH, ECIH, CYSA+, GCIH, GCIA, GNFA, or comparable certification)

Required Education:
BS Incident Management, Operations Management, Cybersecurity or related degree. HS Diploma with 22 years of incident management experience

Company Overview:
Node. Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.

Our Core Values help us in our mission. They include:
- Identifying the RIGHT PEOPLE and developing them to their full capabilities
- Our customer’s “Mission” is our “Mission”. Our MISSION FIRST approach is designed to keep our customers fully engaged while becoming their trusted partner
- We believe in SIMPLIFYING complex problems with a relentless focus on agile delivery excellence

Our mantra is “Simple*Secure*Speed” in the delivery of innovative services and solutions.

Benefits

We are proud to offer competitive compensation and benefits packages to include:
• Medical
• Dental
• Vision
• Basic Life
• Long-Term Disability
• Health Savings Account
• 401K
• Three weeks of PTO
• 10 Paid Holidays
• Pre-Approved Online Training