Cyber Security Special Operations Specialist

SBD is looking for a Cyber Security Special Operations Specialist to join our team in support of a large Security Operations program with our federal customer. This position can be remote.

Responsibilities:

• Identify, recommend, and develop capabilities to cover security gaps.
• Assist in enhancing processes and procedures across the customer's environment.
• Act as the technical escalation point for all technical issues within this program and work special cyber security projects assigned by CISO.
• Assist the customer by providing direction on industry best practices to ensure the SOC constantly evolves as a Next Generation SOC.
• Apply principles, methods, and knowledge of the functional area to specific task requirements to develop solutions to complex problems.
• Implement the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework for Intelligence Operations.
• Create security controls through "user stories" based on NIST SP800 guidance, DHS policy, and industry best practice to mitigate security risk or gaps in the security posture.
• Organize, categorize, and prioritize user stories and provide updates to allow efficient and effective re-use of stories across the enterprise, ensuring they contain testable acceptance criteria, and are documented in a format which is easy to share and explain along with having a clear definition of done.
• Support the design and deployment of incident response security solutions to facilitate a comprehensive defense-in-depth strategy and intrusion defense chain methodology.
• Provide engineering and technical assistance to support vulnerability scans, penetration testing, vulnerability analysis, scan analysis, and security analysis.

Required Qualifications:

• Must be a US Citizen able to obtain a DoD Top Secret Clearance (this can be done concurrent with employment).
• Must be able to obtain a Federal agency-specific clearance prior to starting.
• Bachelor's Degree.
• 3+ years of experience in security engineering or security operations.
• 4 years of experience in security incident response.
• Have and maintain ISC2 CISSP, or other comparable certification which must be approved in advance on a case-by-case basis.
• Have and maintain a CISM and Certified Ethical Hacker (CEH) certification, or other comparable certification which must be approved in advance on a case-by-case basis.
• Experience with scripting language such as JavaScript, Python, Perl, Groovy, Rudy, etc. and strong skills writing SPLUNK queries to create complex SPLUNK dashboards.
• Experience implementing the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework.