Senior Cyber Incident Engineer/SME
Job Description
Applied Research Solutions is seeking a full-time Senior Cyber Incident Engineer/SME located at WPAFB, Ohio in support of the Cyber Resiliency Office of Weapon Systems.
Responsibilities include:
- Assist with technical security activities relative to the development, acquisition, and sustainment of aeronautical weapon systems, subsystems, and associated support systems such as software code reviews, vulnerability assessments, Program Protection Plans, CDRL development, and threat scenarios
- Assist with implementation of Information, Personnel, Physical, Industrial, and Communications Security
- Assist with program protection, technology control, protection of FOUO information, and other information requiring protection ensuring compliance with related DoD and AF instructions
- Support development and implementation of common cybersecurity classification guidance
- Lead or provide support to a Cyber Incident Response Team (Cyber IRT) as appointed by the Chief (or Deputy) CICC
- Proficient at:
  - Mapping and navigating complex and non-standard IT environments, selecting and deploying appropriate techniques and tools to quickly triage a compromised environment, and collecting and correlating data from multiple sources to evaluate the scope and impact of a breach
  - Performing in-depth forensic analysis on captured logs, network traffic collections, and volatile memory or host images to identify and trace breach indicators and develop actionable threat intelligence
  - Gleaning and analyzing security information from enterprise network and host-based sensors, such as IDS/IPS systems, HIDS, SIEMs, AD controllers, and firewalls
- Assist in the development and maintenance of CICC standardized documentation (i.e. templates, checklists, reports, databases, trackers)
- Coordinate with cyber incident stakeholders to identify and track the status of corrective action plans
- Capture artifacts from weapon system cyber incidents and provide to team leads and NDAA 1647
- Develop briefings and reports that capture the data from weapon system cyber incidents and lessons learned and brief stakeholders upon request
- Develop a metrics framework for data gathered because of a Cyber Incident Response Team standup/cyber event, to include:
  - Capturing and updating weapon system cyber incident metrics monthly, and
  - Analysis of metric data and identification of trends
- Capture and document lessons learned from cyber incidents to develop recommendations to policy and training
- Other duties as assigned
Qualifications/Technical Experience Requirements:
- Information Assurance Technician Level III
- U.S. citizenship is required.
- Senior executive briefing experience (desired)
- Red Team / Blue Team / CERT / CSSP / OCO or DCO Experience (desired)
- Training and experience as a USAF 1B4XX, 17D/SXX (desired)
- Penetration testing / Computer or Cyber Incident Response experience (desired)
- Shall possess a current, within the last five (5) years, Top Secret security clearance with SCI eligible access. Shall maintain the clearance throughout the contract period of performance to provide support for multiple tasks and meetings at various classification levels
- Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel and especially PowerPoint) and other standard (customer-specified) applications
- Excellent verbal and written skills
- Over 10 years of experience and a MA/MS degree
All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Date Posted
05/01/2023