Cyber Security Operations Specialist Tier 3

Cyber Security Operations Specialist Tier 3

Springfield, VA

ACTIVE TS/SCI SECURITY CLEARANCE REQUIRED

Join Our Team as a CSOC Tier 3 Cybersecurity Incident Responder – Protect the Nation's Critical Infrastructure!

This role is in anticipation of funded work. Are you ready to take on a pivotal role in defending critical systems from cyber threats? As a CSOC Tier 3 Cybersecurity Incident Responder, you will be at the forefront of cybersecurity operations, providing advanced support for containment, eradication, and recovery during incidents. Your expertise in malware analysis, digital forensics, and incident response will be key in ensuring our defenses remain strong and resilient.

This position offers you the chance to collaborate with a skilled team, engage in hands-on technical work, and continuously improve response strategies through exercises and simulations. If you're driven, detail-oriented, and have a passion for cybersecurity, we want you on our team!

What You'll Do:

• Incident Response Leadership: Coordinate and execute tasks during cybersecurity incidents, including containment measures, IP/domain blocks, and disabling user accounts under Government direction.
• Collaborative Investigations: Work closely with the Security and Installations Directorate, Insider Threat Office, law enforcement, and counterintelligence personnel to triage and investigate incidents.
• Incident Reporting & Categorization: Produce detailed security incident reports, categorize events, and ensure proper reporting, containment, and eradication of incidents.
• Cross-team Coordination: Ensure seamless coordination across contracts and organizations to de-conflict blue/red team activities and ensure recovery from incidents.
• Documentation & Analysis: Develop timelines, briefings, and documentation to inform stakeholders about incident impacts and response actions. Keep detailed records of actions taken in authorized ticketing systems.
• Custom Tools & Scripting: Develop and execute custom scripts and tools to analyze data and respond to incidents, when authorized by the Government.
• Digital Media & Malware Analysis: Perform in-depth analysis of host, server, and network data, including volatile and non-volatile memory, system artifacts, and malware reverse engineering.
• Adversary Attribution & Signature Development: Identify indicators of compromise and develop signatures to share with cybersecurity stakeholders. Provide detailed adversary attribution to support incident response.
• Continuous Improvement: Collaborate with Tier 1 and 2 teams to remediate discrepancies and provide recommendations to prevent future incidents.

What You'll Need to Succeed:

• Experience: A Bachelor's Degree or 8+ years of relevant cybersecurity experience, with a strong focus on incident response and digital forensics.
• Security Clearance: Active TS/SCI clearance with the ability to obtain a polygraph.
• Certifications: Must have or be able to obtain certifications as required by DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder within six months of start.
• Advanced Cybersecurity Skills: Expertise in malware analysis, digital forensics, and response to cybersecurity incidents, including host, server, and network data analysis.
• Technical Expertise: Proficiency in scripting and automation, with a focus on developing custom tools to enhance incident response capabilities.
• Strong Communication: Ability to work under pressure and clearly communicate complex technical details to both internal teams and external stakeholders.
• Collaboration & Coordination: Experience working as part of a team, coordinating efforts across multiple organizations and government agencies to ensure swift and effective incident response.
• Documentation & Reporting: Skilled at creating detailed incident reports, timelines, and recommendations, with a focus on clear, actionable insights.

Preferred Qualifications:

• Advanced Degree: A Master's degree in Cybersecurity or a related field.
• Higher-Level Certifications: IAT III certification or equivalent expertise in the cybersecurity field.

Why You Should Apply:

• Impactful Work: Play a key role in defending critical systems from advanced cyber threats and work on real-world cybersecurity incidents.
• Collaborative Team: Work with top-tier cybersecurity professionals and government agencies to strengthen national security.
• Continuous Learning: Engage in hands-on, technical work with opportunities for continuous improvement through exercises, simulations, and advanced training.
• Mission-Driven: Support critical national security missions and contribute to the broader cybersecurity community.

If you're ready to take on a challenging and rewarding role in cybersecurity, apply today and help us strengthen our defenses against emerging cyber threats!

Additional Information

• All your information will be kept confidential according to EEO guidelines.
• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $110-115k. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Accrued PTO, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and more!

D2 Technical Services is committed to a merit-based recruitment process and encourages applications from all qualified individuals. As a Veteran-Owned Small Business, we particularly welcome applications from veterans who have the requisite skills and experience. Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.