ASRC Federal is hiring a Cloud Incident Response (IR) Specialist in support of our Defense Counterintelligence Security Agency (DCSA) program based out of Hanover MD.
Remote flexibility available! Telework offered with a requirement to be onsite up to one (1) day a week in Hanover MD.
Position Description:
ASRC Federal is seeking a highly motivated and skilled Cloud Incident Response (IR) Specialist to join our team. This critical role focuses on safeguarding our cloud-based assets and infrastructure from evolving cyber threats. You will leverage your expertise in cloud security tools and technologies to monitor, detect, investigate, and respond to security incidents across multiple cloud platforms.
Responsibilities:
- Cloud Security Monitoring: Continuously monitor cloud environments (AWS, Azure, Google Cloud) for suspicious activity using SIEM tools like Splunk, Elastic, and Swimlane.
- Incident Detection & Response: Investigate security alerts, analyze logs, and identify potential incidents. Coordinate with stakeholders to contain and remediate threats, minimizing impact to the organization.
- Vulnerability Assessment & Risk Management: Proactively identify and assess vulnerabilities in cloud systems and applications. Recommend and implement preventative measures to strengthen security posture.
- Threat Intelligence: Analyze threat intelligence data to identify emerging threats and adapt security measures accordingly.
- Compliance & Auditing: Support compliance efforts by auditing cloud security configurations, documenting security policies and procedures, and providing evidence for audits.
- Cloud Infrastructure Security: Monitor and secure cloud infrastructure components, including virtual machines, storage, networking, and compute resources.
- Collaboration & Communication: Work collaboratively with SOC team members, incident response teams, and cloud service providers to effectively address security incidents.
Minimum Requirements:
- 3+ years of system-level cybersecurity experience in one of the following areas:
- Incident Response and Threat Hunting as part of a mid to large enterprise red team or threat hunt team.
- Enterprise vulnerability management, endpoint security, or web security within a mid to large enterprise.
- Active Secret Clearance, eligible for TS/SCI.
- Bachelor’s degree in Information Security or related field, or equivalent combination of experience.
- Must meet DoD 8140/8570.01-M IAM II or IAT Level II requirements (e.g., CCNA Security, CySA+, GICSP, Security+ CE, CND, SSCP, CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP, CEH, Pentest+, OSCP, CSSP-IR). At least one certification is required.
Required Skills:
- Cloud Computing Platforms: Hands-on experience with AWS, Azure, and/or Google Cloud, including their respective security tools and features.
- Security Tools & Technologies: Proficiency with SIEM systems (Splunk, Elastic, Swimlane).
- Cybersecurity Frameworks: Knowledge of NIST Cybersecurity Framework and/or ISO 27001.
- Incident Response: Proven experience with incident response procedures, including containment, eradication, and recovery.
- Vulnerability Assessment & Penetration Testing: Ability to identify vulnerabilities and assess the effectiveness of security controls.
- Threat Intelligence: Familiarity with threat intelligence sources and analysis techniques.
- Technical Skills: Strong understanding of network protocols, operating systems, and cloud infrastructure.
- Communication & Collaboration: Excellent written and verbal communication skills to effectively articulate technical findings and collaborate with diverse teams.
This position is offering a pay range of $110,000 – $145,000 depending on experience, seniority, geographic locations, and factors permitted by law.
Read Full Description