Cybersecurity Incident Response Team (CIRT) Analyst

ASRC Federal NetCentric Technology seeks a daily on-site Cybersecurity Incident Response Team (CIRT) Analyst in Alexandria, Virginia to support one of our Cybersecurity Support Services contracts. This onsite position is responsible for containing, responding to, and eradicating threats and other malicious activity. This position will help maintain and improve cybersecurity incident response capabilities as well as coordinate or participate in high-priority investigations, identifying incident response improvements, and preparing reports for management.   

Key Responsibilities:

• Perform technical incident response investigations into cybersecurity related events and incidents 
• Determine the nature, scope, and cause of incidents including root cause analysis
• Identify corrective actions and aid in the containment, eradication, and recovery of a given event and incident
• Track incident response, corrective measures taken, recommendations, and remediation activities; complete incident reports for investigations as needed; provide or contribute to weekly report of events and incidents
• Create and maintain incident response SOP in accordance with CJCSM 6510.01B, NIST SP 800-61R2, DoD regulations, and industry best practices
• Respond to and investigate cyber events should an incident occur after regular business hours

Required Qualifications:

• Bachelor's Degree in computer science or related field
• U.S. Citizenship and an active Secret Clearance (required) with the ability to obtain and maintain a Top-Secret Clearance.
• Active DoD 8570 IAT Level II certification or greater, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
• Active DoD 8570 CSSP Incident Responder certification a plus, including at least one of the following certifications in good standing: CEH, CFR, CCNA Cyber Ops, CHFI, CySA+, GCFA, GCIH, SCYBER, or PenTest+

• 7+ years in Information Technology or Information Security with 3+ years performing Cybersecurity Incident Response
• Knowledge of Incident Response Handling Procedures (NIST SP 800-61)
• Familiarity with cyber adversary tactics and frameworks (such as ATT&CK and D3FEND) 
• Knowledge of one or more of the following cybersecurity tools: 
  • Trellix/ESS
  • Tanium
  • Microsoft Defender Endpoint
  • Beyond Trust
  • Splunk

Advantages of Working at ASRC Federal:

• Learning and Development:
  After 90 days of employment, regular full-time employees are eligible for our professional development program. This includes annual funding for:
• Pursuing Associate’s, Bachelor’s, or Graduate Degrees.
• Obtaining industry-standard professional certifications.
• Participating in professional certificate programs.
• Covering registration fees for professional conferences.
• Employee Resource Groups (ERGs):
  Engage with colleagues through our ERGs, which foster networking and collaboration among individuals with shared interests, backgrounds, and experiences. Our ERGs include:
• Women’s Impact Network (WIN).
• Multicultural ERG.
• Military Community (MILCOM).
• Pride ERG for LGBTQ+ employees and allies.
• Purpose-Driven Careers:
  Join a company recognized as a:
• Certified Great Place to Work.
• Military Times’ Best for Vets Employer.
• Military.com’s Top 25 Veteran Employer.

Comprehensive Benefits:

• Insurance Coverage: Comprehensive plans for medical, dental, vision, life insurance, and short-term/long-term disability.
• Paid Leave: Inclusive policies for bereavement, military obligations, and parental needs, along with 11 paid holidays annually.
• Retirement Savings: A 401(k) plan with a generous company match and immediate vesting to help secure your financial future.
• Incentives: Employee referral bonuses to reward you for helping grow the ASRC Federal Family

Embark on a career with ASRC Federal, where your growth, purpose, and well-being are at the forefront of what we do.