- Strong verbal and written communication skills
- Expert knowledge of policies, procedures, and protocols of a government Security Operations Center (SOC) with emphasis on incident response and forensic network analysis, and
- Demonstrated experience leveraging data points from the following (or equivalent) enterprise security tools to support incident response activities while performing cyber investigations:
  - McAfee IDS/IPS,
  - McAfee Enterprise Antivirus,
  - Symantec EndPoint Protection,
  - Forescout CounterACT,
  - Symantec Data Loss Prevention (DLP),
  - Guardian MDB Protect,
  - Cisco firewalls,
  - Imperva web application firewalls (WAF),
  - McAfee Enterprise Security Mgr, and
  - Splunk (or similar) tools.
- 3+ years of experience handling incident response and forensic analysis in large/complex enterprises
- Bachelor of Science in Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area (or 10+ years of overall experience in lieu of a degree).
At least one of the following:
- Certified Information Systems Security Professional (CISSP), or
- SANS (any): GCIH, GCFE, GCFA, GREM, GPEN, GWAPT, GXPN, or
- Certified Computer Examiner (CCE), or
- Certified Computer Forensic Examiner (CCFE)
- Security+
- Network+
- Experience with incident handling and threat intelligence at the U.S. Dept of Treasury, or
- Previous incident handling and threat intelligence experience at a Federal agency of similar size, scope, and complexity.
VariQ is an equal opportunity employer.