CAPSTONE CORPORATION Cybersecurity Analyst (Incident Response) Salary in the United States

Overview

Capstone Corporation is currently seeking a Cybersecurity Analyst in Portsmouth, Virginia. The successful candidate will be supporting Cyber Incident Response for the Norfolk Naval Shipyard (NNSY) Chief Information Office (CIO).  In the role of as a first responder, the selected candidate will use a host of forensics tools to find the root cause of a problem, limit the damage, and ensure from future occurrences.

This position is located at the Norfolk Naval Shipyard in Portsmouth, VA.

Responsibilities

• Responsible for strengthening the defensive posture and cyber defense operational readiness of IT Enterprise, Cyber Network Defense (CND) program defends and protects Government assets from external Cyber Security attacks and Insider Threats that can potentially cause or create data, systems, networks, and personnel vulnerabilities.
• Responsible for review, analysis and triage of cybersecurity incidents to relevant stakeholders for responding actions in the areas of Electronic Spillage (ES), Incident Response (IR), Personally Identifiable Information (PII) disclosures, and Phishing attempts.
• Provides initial Electronic Spillage (ES), Incident Report (IR), Personally Identifiable Information (PII) forms.
• Assists in the planning and development of rapid incident response systems to thwart information security attacks against shipyard WLAN, LAN, and WAN networks.
• Performs forensic analysis of digital information and gathers and handles evidence.
• Identifies network computer intrusion evidence and perpetrators, and coordinates with other government agencies to record and report incidents.
• Monitors Intrusion Detection Systems (IDS) to identify security issues for remediation.
• Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
• Produces clear, accurate and detailed reports, as well as concise executive summaries, on each incident.
• Monitors security industry news for noteworthy incidents and initiates contact with associated account teams, and assesses events for appropriate action.
• Identifies and implements mechanisms to streamline information gathering and speed the process by which key information is disseminated.
• Initiates, drives, and participates in efforts to educate internal colleagues at all department levels on the philosophies, processes, and practices of the incident response team.
• Performs risk assessment.

Basic Qualifications

Minimum education and years of experience:

• Bachelor’s degree or four (4) additional years equivalent, relevant experience can be substituted for the bachelor’s degree 
• Two (2) years of experience performing cybersecurity operations.

Minimum Qualifications:

• Demonstrated experience in cybersecurity incident response.
• Demonstrated experience in computer and network forensic analysis.
• Strong understanding of security operations: perimeter defense, forensics, incident response, kill chain analysis and risk assessments.
• Solid grasp of security industry terms, trends and technologies with the ability to translate technical information into meaningful and actionable points.
• Must have complete knowledge of NIST 800 series, especially 800-53.
• Familiar with Security Operations Center (SOC) tools (preferably QRadar, Arcsite, BigFix, or Saint).

Certification:

• Qualifying 8570 Baseline Certification for IAT Level II (e.g. CompTIA Security+) or higher.

Clearance:

• DOD Secret clearance.

EEO statement

EOE minority/female/disability/veteran