Engineer (Incident Handling)

工作内容

Overview

Systems Planning and Analysis, Inc. (SPA) is a well-established and progressive defense contracting company in the Northern Virginia area just a few miles south of the Pentagon. We are a professional services firm established in 1972 that has a long-standing reputation for unrivaled technical and analytical support to some of the top decision makers in the Federal Sector. We do state of the art work and have a cadre of outstanding professionals on our team.

SPA has an immediate need for a Engineer (Incident Handling) to provide contracting services to NATO!

Responsibilities

Under the direction of the Head, Incident Handling Section, yoiu will perform duties to support the Resolute Support Mission (RSM) and the Kosovo Force (KFOR) such as the following:

• Provision of 24/7 Incident Response (TRIAGE, Contain, Eradicate, Recover) activities, during normal working hours and on-call duties, including weekends and holidays.
• Deliver of technical co-ordination, support and assistance in respect of Cyber Security Incident Response to the RSM Theatre Information Assurance (IA) Office and the KFOR CIS Security Office.
• Technical coordination, as required, with NATO Nations, Partner Nations, non-Governmental Organisations and Industry partners. Provision of technical support to forensics investigations.
• Cyber Security Incident-related research.
• Incident reporting activities in support of RSM and KFOR, reporting Security Incidents to the appropriate Theatre IA/Security Office as required.
• Production of Standard Operating Procedures covering all aspects of Incident Response (TRIAGE, Contain, Eradicate, Recover) activities, in coordination with the respective theatre of operations’ stakeholders.
• Analysis, interpretation and dissemination of Security Advisories and Threat Intelligence Reports from NATO Nations, Partner Nations, non-Governmental Organisations and Industry partners. Research to identify, document and implement improvements to the Incident Response (TRIAGE, Contain, Eradicate, Recover) activities in order to enhance and optimise current best practice to meet new and developing threats.
• Co-ordination and preparations of reports, recommendations and presentations to the respective Theatre IA/Security Offices on all aspects of Incident Response (TRIAGE, Contain, Eradicate, Recover).
• Co-ordinating simultaneously the activities of multiple NATO Site- level Incident Response Teams.
• Performs other duties as may be required.
  

Qualifications

Required Qualifications

In addition to at least 4 years relevant experience, you will be required to demonstrate:

• A Bachelor Degree in Computer Security or related discipline at a nationally recognised/certified University in the related discipline or an Advanced IT-related university degree
• Excellent communications skills and reporting experience with capacity to communicate to different types of audience (senior executive, middle management, technical and non-technical).
• Comprehensive understanding of the principles of Computer and Communication Security, networking, and the vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience.
• Experience in the implementation and integration of Cyber Security protective measures.
• Recent practical, hands-on experience of Intrusion Detection and Incident Response (TRIAGE, Contain, Eradicate, Recover) in an enterprise-level Computer Emergency Response Team.
• Experience in interpreting the results of CIS Technical Security/Vulnerability Assessments.
• Practical hand-on experience in System and Network administration to include Network (TCP/IP) Engineering.
• Experience of the management of CIS Service Delivery
• National from one of the 30 NATO Nations
• In possession of an active National and/or NATO Secret security clearance
  

Desirable Qualifications

• Degree in IT or CIS security related discipline.
• Experience in working in a theatre of operations or in deployed military force in a CIS or cyber position.
• Member of a recognized professional IT or CIS body or institution. Additional Professional Qualifications: CISSP, GCIH, GCIA/GCIM.
• Able to demonstrate an in-depth knowledge of potential security event sources and their interpretation and analysis in support of the incident detection and handling processes.
• Prior experience of working in an international environment comprising both military and civilian elements.
• Knowledge of NATO responsibilities and organizational structure