Description of Duties:
The Jr. Cyber SOC Defense Engineer supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. The candidate will:
- Provide Defensive Cyber Operations (DCO) 24 hours a day 7 days a week, and provides real-time monitoring and analysis of insider and external threats utilizing network security tools.
- Provide incident response and recovery activities to the enterprise.
- Conduct intrusion detection and incident response on enterprise networks and maintain situational awareness of enterprise-wide cyber security.
- Utilize Defensive Cyber Operations (DCO) and SIEM Tools to analyze and correlate event logs from network security devices and mission critical infrastructure (e.g., network and host-based security systems, firewalls, routers, switches, servers, workstations, etc.) for indicators of compromise and known attack patterns. Analyze and interpret log data within SIEM tools (e.g., ArcSight, Splunk, etc.)
- Review data originating from or reflecting status of ongoing intrusions or cyber security incidents and report and document the findings in accordance with CJCSM 6510.01B guidelines.
- Analyze vulnerabilities against known exploits in enterprise cyber-threat environment and disseminate guidance to improve network defensive posture.
- Support the response and recovery to network and cybersecurity incidents utilizing Incident Response plans, to include reporting all pertinent details utilizing internal and external data management systems.
- Conducts evidence collection utilizing forensic tools and methods. Documents relevant findings and identify the tactics, techniques, and procedures used by an attacker and preserve forensic chain of custody for evidence when required.
- Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation
- Experience with most MS Office applications (Word, Excel, PowerPoint, and Visio)
The successful candidate will:
- Must be willing to work rotating shifts in a 24x7x365 operational environment and respond quickly to emergencies as needed
This position is located at Schriever AFB, Colorado Springs, CO.
This position will be posted for a minimum of 3 days. If a candidate has not been selected at that time, it will continue to be posted until a suitable candidate is selected or the position is closed.
Resumes, in month and year format, must be submitted with application in order to be considered for the position. The selected candidate will be assigned as an employee for Jacobs or one of the following teammate companies: HX5, GCS, ERC, MEIT or Aerodyne.
Must have one of the following combinations of education and experience: HS Diploma (or GED) and 1-4 years of general experience; Associate’s, or higher, degree and any experience.
- Must have at least 2 years of directly related experience
- Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, or SSCP)
- Must have a current DoD 8570.01-M CSSP Analyst and Incident Responder certification (CEH, CFR, CCNA Cyber Ops, CySA+, , GCIH, or SCYBER)
- Must have an active DoD Secret Security Clearance to start.
- Must be able to obtain a DoD Top Secret Clearance.
- Bachelor’s degree in Information Technology, Cybersecurity, or related discipline.
- Experience with DoD DCO/Cyber Security Service Provider (CSSP), network, and system security policies and procedures
- Experience with correlating security events across the enterprise using SIEM tools, ArcSight preferred
- Experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)
- Experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc.
- Current DoD Top Secret clearance
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. Learn more about your rights under Federal EEO laws and supplemental language.
: United States-Colorado-Schriever AFB-20348-SHRV
: United States-Colorado-Colorado Springs
: Yes, 10 % of the Time
: Apr 21, 2020, 7:22:14 PM
: Information Technology
Job Classification: Full-Time Regular
730 Irwin Ave
Schriever AFB 80912