Senior Cybersecurity Incident Response Administrator - Senior w/Secret Clearance
TekSynap · Radford, VA · 11 mo ago
Information Technology$135k–$185k/yrFull-time
Responsibilities
- Manage, configure, and maintain Security Information and Event Management (SIEM) systems to meet DoD and Army cybersecurity requirements.
- Deploy, install, and maintain infrastructure components that support SIEM functionality and event log ingestion.
- Create and manage SIEM dashboards that provide clear, actionable visualizations for detecting security anomalies in near real-time.
- Monitor SIEM dashboards to detect threats and abnormal behavior; investigate events and escalate incidents as necessary.
- Develop custom reports and queries to support audit requirements and validate security controls.
- Provide Public Key Infrastructure (PKI) support, including management of SSL/TLS certificates and related cryptographic services.
- Monitor and enforce DoD and Army web application security standards and best practices.
- Review and respond to Army Cyber Tasking Orders (CTOs) and coordinate actions with Army Cyber Security Service Providers (CSSPs).
- Participate in Software Assurance (SwA) reviews to validate audit logs and application security events.
- Evaluate Information Systems Design Plans, architecture diagrams, and configuration documentation for compliance with applicable cybersecurity policies, regulations, and best practices.
- Support incident response workflows and collaborate with other cybersecurity stakeholders to ensure rapid containment and recovery.
Qualifications
- Extensive knowledge with Army enterprise cybersecurity tools, SIEM platforms, and monitoring systems.
- High proficiency in building and managing SIEM dashboards, ingesting relevant data, and generating alerts.
- Demonstrated expertise in investigating and responding to cybersecurity events and anomalies.
- Proven experience developing audit-ready reports to meet regulatory and security requirements.
- Strong working knowledge of PKI infrastructure, digital certificates, and encryption protocols.
- Familiarity with reviewing and responding to Army Cyber Tasking Orders (CTOs) and collaborating with Cybersecurity Service Providers (CSSPs).
- Experience with DoD/Army cybersecurity compliance standards and the Risk Management Framework (RMF).
- Hands-on involvement in application security, SW assurance, and secure system design evaluations.
- Experience with incident response coordination, evidence handling, and containment procedures.
- Understanding Engineering Change Proposals (ECPs) and Configuration Management (CM).
- Knowledge of Continuity of Operations Plans (COOP) and associated communication protocols.
- Strong analytical, communication, and cross-team collaboration skills.
- Demonstrated experience supporting government agencies, customers, or contracts within federal environments.
- This includes the Intelligence Community (IC), Department of Defense (DoD), Federal Civil agencies, and military organizations.
- Prior experience supporting the same or similar contract, with an in-depth understanding of the customer environment, requirements, and operational landscape, is highly desirable.