CERT Incident Handler
Title: Rapid Response CERT Incident Handler
Location: Washington D.C.
Duration: 12+ months
GDH is seeking an Incident Handler to work on-site with a Federal client in Washington D.C. for a long-term contract.
- Be able to deploy nationally to respond to a critical incident within 2 hours of notification when in on-call status.
- Understand the Incident Response cycle and work processes.
- Report, analyze, coordinate, and respond to any event or cyber incident for the purpose of mitigating any adverse operational or technical impact.
- Extract meaningful information from technical reports and convert it into documentation or summary reports that clearly convey issues/status to leadership.
- Coordinate the development and implementation of courses of action (COAs) that focus on containment, eradication, and recovery. Ensure the acquisition and preservation of data required for tactical analysis, strategic analysis, and/or LE investigations.
- Ensure the timely response to cyber incidents through appropriate technical and operational channels in a way that promotes an accurate, meaningful, and comprehensive understanding of the cyber incident throughout its life cycle.
- Effectively contain events and incidents and isolate systems to minimize any damage or impact to judicial information networks, systems, data, and services.
- Safely acquire and preserve the integrity of data required for cyber incident analysis to help determine the technical/operational impact, root cause(s), scope, and nature of the cyber event or incident.
- Ensure the effective coordination and communication of cyber incident information through appropriate channels and with appropriate stakeholders, other AO/DTS/ITSO organizations, and/or other government agencies.
- Provide an effective and comprehensive response that includes the recovery of any affected systems and the return to a fully functioning, secure, operational state for all services and systems.
- Identify lessons learned to help improve infrastructure component protection strategies and cyber incident handling procedures to prevent a recurrence of the cyber event or incident.
- Understand patterns of activity and trends to characterize the threat and direct protective and defensive strategies.
- Sometimes intelligence and technical information may come from sources unique to the CND environment, including sources outside the AO. Consequently, extensive coordination can be required with the US-CERT, LE/CI organizations, the IC, industry partners, and critical infrastructure such as electric power supply system providers, telecommunications backbone providers, transportation management systems providers, etc.
- Document all findings and coordinating activities through the Judicial ticket tracking system HEAT. Any response actions taken may also be part of this documentation including preliminary response actions, first responder actions, or actions taken to preserve and protect incident artifacts, evidence or chain of custody.
- Forensics knowledge is useful, but this is not a Forensics Analyst role. It is more like a Cyber Intel Analyst role under the Army and US Air Force.
GDH Consulting, Inc. provides equal employment opportunities (EEO) to all employees and
applicants for employment without regard to race, color, religion, sex, national origin,
age, disability, genetic information, veteran’s status or any other category protected by
law. In addition to federal law requirements, GDH Consulting, Inc. complies with applicable
state and local laws governing nondiscrimination in employment in every location in which
the company has facilities and/or employees. This policy applies to all terms and conditions
of employment, including recruiting, hiring, placement, promotion, termination, layoff,
recall, transfer, leaves of absence, compensation, benefits and training.