Cyber Security Incident Response Manager II

Company: Sierra Nevada Corporation
Location: Sparks
Posted on: September 10, 2021

Job Description:

The Cybersecurity Incident Response Manager contributes to the success of our mission by coordinating and directing defensive Cybersecurity operations during critical and high tempo operations, in accordance with established policies and best practices. This position reports to the Director of Security Operation to execute strategic vision for the team and assist in maturing a proactive threat hunting, incident response and forensic capabilities.

As SNC's corporate team, we provide the company and its business areas with strategic direction and business support spanning executive management, finance and accounting, operations, human resources, legal, IT, information security, facilities, marketing, and communications. Learn more about SNC's Corporate team

PRIMARY RESPONSIBILITIES:

• Manage a dispersed group of threat hunters and incident responders to rapidly detect anomalous behavior and defend computer networks and information systems from insider threats, advanced criminals, and nation state attackers

• Coordinate the flow of information between cross functional teams to ensure incidents are properly tracked, escalated, and reported

• Review and analyze data from a variety of Cyber defense tools, including network traffic logs, Intrusion Detection or Prevention System alerts, firewall or system logs, and open source information to identify threat activity and recommend appropriate countermeasures and mitigations

• Report intrusion attempts, compromises malicious actor activities to management

• Proactively analyze, organize and develop new intelligence on advanced threats

• Develop, analyze, and disseminate information on threat actors

• Coordinate computer network incident response from detection through remediation

• Identify and mitigate general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)

• Identify system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code).

• Actively train, coach, and develop the team

EDUCATION, EXPERIENCE AND SKILLS REQUIRED:

• BA or BS degree or 5 years of experience as a senior-level Security Engineer, Network Engineer or System administrator

• Ability to manage and triage multiple security events, differentiating urgent issues from the merely important

• Knowledge of incident response processes OR Cyber-attack exploitation techniques OR threat intelligence reporting

• Proven experience leading and responding to complex incidents

• Broad knowledge of the tactics and techniques of advanced threat actors and computer criminals

• Extensive forensic knowledge and experience required.

• Excellent social, verbal, and written communication skills, with demonstrated ability to present analytical data to a variety of technical and non-technical audiences

• Experience with 3 or more of the following:

  • Incident response processes, automated intrusion detection capabilities and analysis techniques, malware analysis and classifications,

  • Cyber-attack types and exploitation techniques,

  • Cyber-attack modeling, threat intelligence reporting and analysis, or incident reporting and sharing requirements, computer forensics

• The ability to obtain and maintain a Secret U.S. Security Clearance is required. Learn more about the background check process for Security Clearances

PREFERRED EXPERIENCE:

• Prior experience with the US Department of Defense, intelligence community, or law enforcement

• Programming or scripting experience

• GIAC Cyber Threat Intelligence (GCTI)

• GIAC Certified Incident Handler (GCIH)

• GIAC Network Forensics Analysts (GNFA)

• GIAC Certified Intrusion Analyst (GCIA)

• Certified Information Systems Security Professional(CISSP)

• Certified Ethical Hacker (CEH)

• Experience leading a remote/virtual team

IMPORTANT NOTICE:

This position requires the ability to obtain and maintain a Secret U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. citizens may not be eligible to obtain a security clearance.  The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.

At Sierra Nevada Corporation (SNC) we deliver customer-focused technology and best-of-breed integrations in the aerospace and defense sectors. SNC has been honored as one of the most innovative U.S. companies in space, a Tier One Superior Supplier for the U.S. Air Force, and as one of America’s fastest-growing companies. Learn more about SNC

SNC offers annual incentive pay based upon performance that is commensurate with the level of the position.

SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 8%, life insurance, 3 weeks paid time off, tuition reimbursement, and more.

At Sierra Nevada Corporation (SNC), our mission is to dream, innovate, inspire and empower the next generation to transform humanity through technology and imagination. As an Equal Opportunity Employer, we welcome our employees to bring their whole selves to their work. SNC is committed to fostering an inclusive, accepting, and diverse environment free of discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Contributions to SNC come in many shapes and styles, and we believe diversity in our workforce fosters new and greater ways to dream, innovate, and inspire.

Keywords: Sierra Nevada Corporation, Sparks , Cyber Security Incident Response Manager II, Other , Sparks, Nevada