ECS is seeking a Cyber Defense Incident Responder - Senior to work in our Washington, DC office.

Job Description:

• Lead, facilitate and advise via the Incident Response lifecycle across the Bureau of the Census within the Department of Commerce against 24/7 threats/vulnerabilities/events.
• Provide leadership w/ security and cybersecurity intelligence, posture/capabilities status, ways-forward, trend analysis and personnel readiness to enhance cyber security and incident response.
• Advise leadership through multi-vector threat remediation and capabilities enhancement.
• Leverage multi-source Cyber Intelligence to bolster cybersecurity posture.
• Effectively lead and advise Security Operations and Infrastructure teams regarding threats and vulnerabilities mitigation procedures and system(s) enhancement(s).
• Meet/exceed/expand customer mission requirements, goals, and vision.
• Coordinate and communicate with multi-partner teams/services regarding 24/7 security posture and national regulatory requirements.
• Learn and foster knowledge and skills training to adhere to and expand security, cybersecurity, and contingency requirements.
• Manage/mentor SOC team members regarding procedures, schedules, training, event & tools management, and performance requirements.
• Develop and implement best-practice network security, backup, and recovery procedures.
• Diagnose network connectivity and performance issues during events and incidents.
• Integrate new systems into existing network and security architecture.
• Monitor network capacity, performance and
• Advise during network patching, expansion, and capability growth to ensure safeguarding of data/information against threats and vulnerabilities.
• Obtain and retain clearance requirements set by the Dept. of Commerce
• Provide feedback on network requirements, including network architecture and infrastructure.
• Test and maintain network infrastructure including software and hardware devices.

• Strong written and verbal communication skills.
• Lead the Cybersecurity Incident Response lifecycle as an Incident Commander during high-demand events/incidents.
• Advise leadership and assist management of SOC personnel, personnel readiness, team cohesion and training.
• Understand and implement international, federal, state, and local regulation standards of cybersecurity.
• Organize cyber operations, exercises, and inspections.
• In-depth knowledge of network encryption, secure network topology and operating network equipment including hubs, routers, switches, bridges, servers, transmission media, and related logical & physical domains.
• Knowledge of cloud-based networking, security, and best practices
• Implement network threat detection and prevention rules and data control methods.
• Operate common network tools (e.g., ping, traceroute, nslookup, ipconfig, nbstat).
• Interpret Operating Systems command line (e.g., Windows, Linux).
• Navigate and operate within the organization's LAN/WAN pathways.
• Monitor and perform trend analysis of network performance, availability, and incidents.
• Experience/knowledge monitoring networks for Indicators of Compromise
• Operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).
• Interpret the information collected by network tools (e.g., Microsoft Defender, FireEye, Akamai and packet capture).
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), bandwidth/utilization management and directory services.
• Measure, analyze and tune network performance, confidentiality, integrity, and availability.
• Experience with network data structures and models (e.g., Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

• Bachelor's degree or higher.
• 7years' experience in network management and experience directly performing configurations and security implementation on LAN and WAN equipment.
• Certifications addressing system security, network infrastructure, access control, cryptography, assessments and audits, and organizational security.
• Active Secret clearance or eligible to obtain a Secret clearance.

• Experience holding a leadership position.
• Implementing, maintaining, and improving established network security practices.
• Applying ITIL or equivalent Change Management
• Installing, configuring, and troubleshooting LAN and WAN components such as routers, hubs, switches. Establishing a routing scheme.
• Skill in securing network communications and protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
• Configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).
• Implementing and testing network infrastructure contingency and recovery plans.
• Applying various subnet techniques (e.g., CIDR)
• Configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).
• Packet Analysis.