View Our Website View All Jobs

Incident Response Analyst

Incident Response Analyst
 
Job Number:  171053
Location: China Lake, CA
Position Type: Full-Time
 

Trowbridge & Trowbridge is seeking a proactive and motivated Incident Response Analyst to join our outstanding Security Assessment Detection and Response (SADR) team at China Lake, CA.
 
Position Responsibilities:

  • The Incident Response Analyst is a member of a support team that will assist with threat monitoring, detection, event analysis and incident reporting.  Responsibilities include:
  • Monitoring enterprise networks and systems, detecting events and reporting on any and all threats that are directed against those systems regardless of their classification level or type.  
  • Collaborating with leadership to develop metrics based on situational awareness and threat monitoring at an enterprise level that will be reported based on the approved plan and supporting checklists.   
  • Rapidly address security events/activities.
  • Decide between millions of events per day and events which are then analyzed and categorized in accordance with the Cyber Security Incident Response Plan.
  • Support a full comprehensive array of analytical activities in support of external threat monitoring, detection, event analysis and incident reporting efforts to include:  presentation reviews, internal and external threat reporting, analysis of inbound and outbound public internet traffic, suspicious e-mail messages, administer access request to specific public sites, communicate and coordinate the characterization of events and the response.
  • At a minimum, orient their skillsets to the following tools:
  • McAfee SIEM
  • RedLine Forensics
  • Volatility Forensics
  • Foremost
  • FTK Imager
  • Autopsy Forensics
  • Splunk
  • RSA Netwitness
  • FireEye
  • Sourcefire (Snort)
  • Forensic Falcon

Additional Responsibilities may include:

  • Provide support for complex computer network exploitation and defense techniques to include deterring, identifying and investigating computer and network intrusions;
  • Provide incident response and remediation support; performing comprehensive computer surveillance/monitoring, identifying vulnerabilities; developing secure network designs and protection strategies, and audits of information security infrastructure.
  • Provide technical support for continuous monitoring, computer exploitation and reconnaissance; target mapping and profiling; and, network decoy and deception operations in support of computer intrusion defense operations.
  • Provide technical support for forensics services to include evidence seizure, computer forensic analysis and data recovery, in support of computer crime investigation.
  • Research and maintain proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends.
  • Perform research into emerging threat sources and develops threat profiles.
  • Provide technical support for a comprehensive risk management program identifying mission critical processes and systems; current and projected threats; and system vulnerabilities.

Position Requirements:

  • Minimum of six (6) years of general work experience and three (3) years of relevant experience in functional responsibility.
  • Candidate should have strong analytical and organizational skills.
  • Candidate should have concise writing skills, excellent MS Word skills as well as other MS Office Applications.
  • Experience with securing various environments preferred.

Education Requirements:

  • Bachelor’s degree in a relevant field.  Equivalent years of related experience may be considered in lieu of a degree.
  • Education/Certification and experience preferred in CEH, eCPPT, OSCP, GCFW, GCIH, other relevant IT security certifications, or advanced vendor certifications such as Splunk Certified Architect or SourceFire Certified Administrator; Security+, Network+, GSEC, or other relevant IT security product certifications such as Tenable Certified Nessus Auditor, SnortCP CISSP, CISM

Clearance Requirements:

  • Final, Active Secret clearance required.
  • USA Citizenship is required.

 
About T&T

Trowbridge & Trowbridge, LLC
 is an award-winning woman-owned and managed small business providing premier IT, cloud computing, cyber security, and unified communications services to the Federal Government in the civilian, defense, and health markets.  We sustain vital systems and respond to emerging requirements for IT modernization, with broad experience supporting the mission-critical, performance-driven demands of our clients.  Our success has capitalized upon our commitment to an employee-centric corporate culture with a conscience.

At T&T we believe in investing in our employees. T&T provides competitive compensation and a comprehensive benefit package including health insurance coverage, 401 (k) Retirement Plan, Employee Assistance Program (EAP), and holiday and birthday recognition programs.

Please visit www.tt-llc.com for more information.

Trowbridge & Trowbridge, LLC is an Equal Opportunity Employer/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected Veteran status, or any other characteristics protected by law. We are an eVerify participating employer.

Read More

Apply for this position

Required*
Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

150
To comply with government Equal Employment Opportunity / Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Gender
Race
Veteran/Disability status