By Light Professional IT Services

IT SMS/Cyber Incident Response Analyst

Job Locations US-AL-Huntsville
Posted Date 1 month ago (2/13/2020 12:22 PM)
# of Openings
Information Technology


Phacil, a By Light company, is seeking an IT SMS/Cyber Incident Response Analyst to join our team supporting a DOD customer in Huntsville, AL.


You are required to be a technical SME with hands-on knowledge of log aggregation and IOCs in a Big Data Platform environment. To be successful in this position, knowledge of the Windows OS, log aggregation, STIG checks and compliance, vulnerability scans, and the overall incident response planning and after-action process is highly desirable.

Required Experience/Qualifications

  • Minimum Certification (Required): IAM Level II certification (e.g., CAP, GSLC, CISM, CISSP)
  • Identify security threats, risks, and vulnerabilities, and develop mitigation plans
  • Develop, interpret and enforce security policies and procedures
  • Configuration and Implementation of Tenable Security Center and Nessus Agents
  • Evaluate and make recommendations for new software requests for security compliance via STIGs
  • Automation of infrastructure services using the Elastic BDP (Big Data Platform)
  • Configuration of VMware for multiple Operating Systems
  • Wireshark and PCAP familiarity
  • Creation of reports for both within the BDP and Nessus
  • Develop strategies to respond to and recover from a security breach
  • Educate the workforce on information security through training and building awareness
  • Understand the risk/advantage/process of vetting Open Source software on the DoDIN

Preferred Experience/Qualifications

  • Preferred: IAT Level III certification (e.g., CISA, GCIH, GCEH, CASP, CISSP)
  • Preferred: CNDSP certification (GCIH, CSIH, CEH, GCFA)
  • Data forensics analyst experience
  • Syslog/Windows Event Forwarding Experience (a plus)
  • Knowledge of Incident Response Process (NIST SP 800-61)
  • Knowledge of PII, HIPAA, GDPR, and other data security frameworks
  • Knowledge of Bro, Snort, and ELSA in a Security Onion environment, preferred
  • Knowledge of log aggregation methods using Splunk/Open Source Tools
  • Experience in Elasticsearch, Logstash, and Kibana (ELK Stack)
  • Python experience for site-scraping IOCs
  • eMASS and Army RMF experience (Assess Only, specifically)

Special Requirements/Security Clearance

  • Secret clearance required
