Job Description

Argo Cyber Systems is looking for an experienced and technically proficient Cybersecurity Incident Responder who can support our customers in the detection, response, mitigation, investigation, and reporting of cyber threats affecting the client networks. This large mission-critical development and sustainment program designs, builds, delivers, and operates a network operations environment, introducing new cyber capabilities to address emerging threats.

This position requires shift work, including nights and weekends.

This position requires a minimum of a USG Top-Secret Security Clearance!

Responsibilities Include:

  • Lead incident response efforts and report status to stakeholders and leadership.

  • Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations

  • Produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk.

  • Investigate cyber activity targeting customer information and its infrastructure

  • Provide mentorship and technical education to CIRT personnel

  • Liaise with other government cyber threat analysis entities, such as inter-agency Cyber Threat Working Groups

  • Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions

  • Meet and maintain customer-required Information Assurance training compliance

Required Skills:

  • Must be a U.S. Citizen
  • Must have active/current Top-Secret clearance with the ability to obtain a TS/SCI.
  • Must be able to receive DHS suitability prior to starting employment.
  • 6+ years of directly relevant experience
  • Current experience with AWS security solutions and cloud security investigations
  • Current incident response experience using Splunk
  • Previous experience with penetration testing (red/blue/purple teams)
  • Previous security investigation experience (OS Forensics, Network Forensics, Web Application Forensics, Cloud Forensics, etc.)
  • Experience as a Linux/Windows/Network administrator
  • Must be able to work collaboratively across agencies and physical locations
  • Excellent oral and verbal communication

Desired Certifications:

  • SANS GCIH or equivalent certification
  • SANS GCFA, GCFR, or equivalent certifications
  • Splunk Power User or higher
  • AWS Certified Practitioner or higher
  • Certified Information Systems Security Professional (CISSP)
  • Cisco Certified Network Professional (CCNP), Cisco Certified Security Professional (CCSP) or similar certification required.

Required Education:

A bachelor’s degree in cybersecurity, security operations, computer science, or a related specialized area; or a High School Diploma and 14 years of directly relevant experience.