Millennium Corporation

Computer Network Defense & Incident Response Analyst

Job Locations US-SC-Charleston
Posted Date 5 days ago(9/25/2020 2:15 PM)
Job ID
2020-1617

Overview

Millennium Corporation is hiring a Computer Network Defense & Incident Response Analyst in Charleston, SC. Candidate must have an active Secret Clearance. 

Responsibilities

The Computer Network Defense & Incident Response Analyst will identify, isolate, investigate, inform, and implement measures to detect and protect data across a wide spectrum of sources and locations. The candidate is required to validate suspicious events or reports and determine if the event constitutes an incident. The candidate will ensure incidents are properly entered into the appropriate reporting system and determine the severity of the incident. Reporting and response measures will be taken immediately to satisfy the Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B reporting requirements.

  • Maintains familiarity with CJCSM 6510.01B reporting requirements.
  • Compiles and maintains internal standard operating procedure (SOP) documentation.
  • Ensures associated documentation and capabilities remain compliant with CJCSM 6510.01B and other applicable policy directives.
  • Provides network intrusion detection and monitoring, correlation analysis, incident response and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites.
  • Validates suspicious events and determines if the event constitutes an incident and properly enters associated data into the appropriate reporting systems.
  • Coordinates with JFHQ-DoDIN and supported entities regarding significant incidents to ensure proper analysis is performed and accurate reporting of the incident is completed.
  • Provides 24x7 support for the CSSP’s Incident Response capability during non-core business hours consistent with CSSP requirements as needed.
  • Performs network and host-based digital forensics on Microsoft Windows based systems and other operating systems as necessary to enhance response to, support of, and investigation into significant network incidents.
  • Possesses working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.).
  • Explores patterns in network and system activity via log correlation using Splunk and supplemental tools
  • Possesses understanding of IDS/IPS solutions to include signature development and implementation
  • Participates in program reviews, product evaluations, and onsite certification evaluations.

Qualifications

  • Must have a minimum active Secret Clearance
  • Bachelor's degree
  • 2+ years of Cybersecurity experience
  • Any of the following DOD 8570 approved certifications under IAT Level II category: CCNA Security; CySA+; GICSP; GSEC; Security+ CE; CND; or SSCP
  • Any of the following DOD 8570 approved certifications under CSSP Incident Responder or Analyst category: CEH; CFR; CCNA Cyber Ops; CHFI; GCIA; GCFA; GCIH; Cloud+; or SCYBER

Business Development

  • Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Physical Requirements

  • Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 10-15 pounds at a time.

Travel Requirements

  • 15% travel required 

About Us

Millennium is a strategic management, cybersecurity and systems engineering firm – driven by results and focused on people as we help our customers achieve mission success. With a proven track record of performance with the Army, Navy, OSD, DHS and other agencies, Millennium is a uniquely qualified and committed partner to the Federal Government.  It is through our work that the U.S. military and government is able to identify, manage and defeat threats.

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed