Cyber Security Operations Specialist Tier 3

Join Our Team as a CSOC Tier 3 Cybersecurity Incident Responder – Protect the Nation's Critical Infrastructure!

This role is in anticipation of funded work.  Are you ready to take on a pivotal role in defending critical systems from cyber threats? As a CSOC Tier 3 Cybersecurity Incident Responder, you will be at the forefront of cybersecurity operations, providing advanced support for containment, eradication, and recovery during incidents. Your expertise in malware analysis, digital forensics, and incident response will be key in ensuring our defenses remain strong and resilient.

This position offers you the chance to collaborate with a skilled team, engage in hands-on technical work, and continuously improve response strategies through exercises and simulations. If you’re driven, detail-oriented, and have a passion for cybersecurity, we want you on our team!

What You’ll Do:

• Incident Response Leadership: Coordinate and execute tasks during cybersecurity incidents, including containment measures, IP/domain blocks, and disabling user accounts under Government direction.
• Collaborative Investigations: Work closely with the Security and Installations Directorate, Insider Threat Office, law enforcement, and counterintelligence personnel to triage and investigate incidents.
• Incident Reporting & Categorization: Produce detailed security incident reports, categorize events, and ensure proper reporting, containment, and eradication of incidents.
• Cross-team Coordination: Ensure seamless coordination across contracts and organizations to de-conflict blue/red team activities and ensure recovery from incidents.
• Documentation & Analysis: Develop timelines, briefings, and documentation to inform stakeholders about incident impacts and response actions. Keep detailed records of actions taken in authorized ticketing systems.
• Custom Tools & Scripting: Develop and execute custom scripts and tools to analyze data and respond to incidents, when authorized by the Government.
• Digital Media & Malware Analysis: Perform in-depth analysis of host, server, and network data, including volatile and non-volatile memory, system artifacts, and malware reverse engineering.
• Adversary Attribution & Signature Development: Identify indicators of compromise and develop signatures to share with cybersecurity stakeholders. Provide detailed adversary attribution to support incident response.
• Continuous Improvement: Collaborate with Tier 1 and 2 teams to remediate discrepancies and provide recommendations to prevent future incidents.

What You’ll Need to Succeed:

• Experience: A Bachelor's Degree or 8+ years of rele