
Sierra Nevada Corporation | SNC

Cyber Security Incident Response Manager

  • Posted 12 Days Ago
  • Full time
  • Sparks, NV
  • R0008477

The Cyber Security Incident Response Manager contributes to the success of our mission by coordinating and directing defensive cybersecurity operations during critical and high-tempo operations, in accordance with established policies and best practices. This position will work closely with the Security Operations Director to execute the strategic vision for the team and assist in maturing a proactive, threat-hunting-based active defense program.

EDUCATION, EXPERIENCE AND SKILLS REQUIRED:

  • BA or BS degree or 5 years of experience as a senior-level Security Engineer, Network Engineer or System administrator
  • Ability to manage and triage multiple security events, differentiating urgent issues from the merely important
  • Prior experience with the US Department of Defense or US Intelligence Community
  • Knowledge of incident response processes OR Cyber-attack exploitation techniques OR threat intelligence reporting
  • Proven experience leading and responding to complex incidents
  • Broad knowledge of the tactics and techniques of advanced threat actors and computer criminals
  • Excellent social, verbal, and written communication skills, with demonstrated ability to present analytical data to a variety of technical and non-technical audiences
  • Experience with 3 or more of the following:
      • Incident response processes, automated intrusion detection capabilities and analysis techniques, malware analysis and classifications
      • Cyber-attack types and exploitation techniques
      • Cyber-attack modeling, threat intelligence reporting and analysis, or incident reporting and sharing requirements, computer forensics

PREFERRED EXPERIENCE:

  • Prior experience with the US Department of Defense and intelligence community
  • Programming or scripting experience
  • Experience with 3 or more of the following:
      • Incident response processes, automated intrusion detection capabilities and analysis techniques, malware analysis and classifications, Cyber-attack types and exploitation techniques, Cyber-attack modeling, threat intelligence reporting and analysis, or incident reporting and sharing requirements
  • GIAC Cyber Threat Intelligence (GCTI)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Certified Intrusion Analyst (GCIA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Ethical Hacker (CEH)
  • Experience leading a remote/virtual team

PRIMARY RESPONSIBILITIES:

  • Manage a dispersed group of threat hunters and incident responders to rapidly detect anomalous behavior and defend computer networks and information systems from insider threats, advanced criminals, and nation state attackers
  • Coordinate the flow of information between cross functional teams to ensure incidents are properly tracked, escalated, and reported
  • Review and analyze data from a variety of Cyber defense tools, including network traffic logs, Intrusion Detection or Prevention System alerts, firewall or system logs, and open source information to identify threat activity and recommend appropriate countermeasures and mitigations
  • Report intrusion attempts, compromises, and malicious actor activities to management
  • Proactively analyze, organize and develop new intelligence on advanced threats
  • Develop, analyze, and disseminate information on threat actors
  • Coordinate computer network incident response from detection through remediation
  • Identify and mitigate general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
  • Identify system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
  • Actively train, coach, and develop the team

IMPORTANT:

This position requires the ability to obtain and maintain a Secret U.S. Security Clearance. U.S. citizenship is required, as this position requires obtaining a U.S. Security Clearance for employment. Non-U.S. citizens may not be eligible to obtain a security clearance. The Defense Industrial Security Clearance Office (DISCO), an agency of the Department of Defense, handles and adjudicates the security clearance process. Security clearance factors include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations, and drug involvement.

COMPLIANCE RESPONSIBILITIES:

  • Responsible for thoughtful adherence to all SNC Policies, Procedures, and Compliance regulations (internal and external)
  • Responsible for timely execution of all personnel-related activities such as Time Sheet completion, Performance Evaluations, Salary Reviews, Succession Planning, etc.
  • Responsible for leadership oversight and for ensuring Department/Team training
