is an information technology services company that was founded to create innovative forward-leaning solutions to enhance the capabilities of our customers. GCyber engineers have satisfied the technology needs of the U.S. Government for over 20 years. We maintain relationships with key researchers, scholars, and analysts who have specialized expertise in the federal market. GCyber’s broad experience, focus toward desired outcomes, and commitment to innovation ensures responsive and long-lasting results.
The Sr. Cloud Incident Response Analyst
is responsible for working with our Federal customers to Monitor, Protect, and Respond to Cloud based Cyber incidents.
Required skills and experience:
- providing consulting to and/or leading cybersecurity initiatives including:
- Perform continuous in-depth monitoring of cloud applications and provide recommendations for minimizing loss and destruction, mitigating exploited or exploitable weaknesses, and minimizing impact to service/returning to normal service as quickly as possible
- In collaboration with administrators and/or external providers, Identify and respond to misuse, malware, unauthorized or anomalous activity including potential, successful and unsuccessful access attempts and compromises
- Collaborate with SIEM Engineer(s) to integrate existing cloud data feeds into Splunk SIEM including container, operating system, and deployed application logging into cloud logging services for more comprehensive analysis.
- Identify relevant security logs from entire cloud application portfolio including access logs, privilege escalations, and other application specific events.
- Support cyber incident response actions to ensure proper assessment, containment, mitigation and documentation of incidents.
Clearance, Certification, & Schooling:
- Understanding of incident response and monitoring of cloud applications
- Working knowledge of security and internal controls, risk management
- Ability to collaboratively work to develop insider threat log monitoring profiles
- Comfortable using Splunk for log monitoring
- Professionalism and discretion in interacting with executives and client
- Polished verbal and written communication skills
- Enthusiasm, entrepreneurialism, and a great sense of humor!
- Experience with the production and/or editing of incident reports
- DOD TS/SCI security clearance
- Bachelor’s Degree in Computer Science, Cybersecurity, Computer Engineering, or Information Technology or equivalent degree
- 8570 Compliant, Security+ certification or similar cybersecurity or information security certification
- Must obtain a CISSP within one year on contract
- 10+ years experience with direct expertise in the IT specialty
For more information about GCyber please visit our website at http://www.gcyber.com. Also please stay in touch and track future job openings by following us on LinkedIn http://www.linkedin.com/company/gcyber.
By submitting your resume for this position, you understand and agree that GCyber may share your resume, as well as any other related personal information or documentation you provide, with its partners and affiliated companies for the purpose of considering you for other available positions.
GCyber is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identify, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.