
Incident Response Team Lead

Company: CSRA
Location: Durham
Posted on: September 10, 2018

Job Description:

Clearance Level Must Currently Possess:

Public Trust

Clearance Level Must Be Able to Obtain:

No Active Clearance Required


No Suitability Required

Job Family:

Information Technology

Job Description:

GDIT is supporting EPA's Office of Environmental Information under the Infrastructure Support and Applications Hosting task order. The purpose of this contract is to develop and operate EPA's infrastructure and application platforms to be reliable, secure, and technologically advanced. The services obtained under this contract support the entirety of EPA at all geographic locations and numerous research facilities across the United States. The services consist of data center management, application hosting, application deployment/maintenance, geospatial service support, network security, cyber security, cloud computing, COOP support, and Enterprise Identity and Access Management (EIAM) and Active Directory (AD). The primary work location is in Research Triangle Park, NC.

We are currently seeking an Incident Response Team Lead to join our team supporting the Environmental Protection Agency's (EPA) Computer Security Incident Response Capability (CSIRC).

The role will involve support of the Agency's CSIRC, managing security incidents through the incident response life cycle, including network, forensic, and malware analysis. Normal tasks will include (but are not limited to): oversight of the Incident Response team; management of security incidents; interface with EPA and status and reporting; status and reporting to CSRA management.

The candidate for this position will perform the following (but not limited to) duties and tasks:

* Research and integration of current vulnerabilities, threats, and security technologies into incident response operations
* Management of complex security incidents through the incident response life cycle
* Documentation of security incidents in Remedy and maintenance of incident artifacts
* Detection and analysis of security incidents through the monitoring of security tools, such as Fortinet, ArcSight, BlueCoat SSA, Cisco AMP/FirePower/Threat Grid, and custom tools
* Analysis of incident related data, such as packet captures, netflow, DNS history, and logs
* Forensic analysis through use of both open source and enterprise computer forensic tools
* Identification and static and dynamic analysis of malicious code
* Design and implementation of threat containment and eradication strategies
* Development of incident response processes and procedures
* Analysis of organization security posture and development of formal recommendations for control implementation or modification
* Generation of after action reports, lessons learned documents, and threat papers for senior management
* Training and mentoring to other incident response team members
* Participation in an afterhours on-call rotation

The Candidate must have the following (but not limited to) qualifications and abilities:


* At least five years of experience in a computer security incident response role
* At least five years of enterprise Linux and Windows administration
* At least two years of leadership experience
* Excellent communications and interpersonal skills
* Passion for information security and incident response
* Practical experience with TCP/IP networking
* Experience setting up a Security Operations Center
* Experience with Active Directory and other enterprise credential stores
* Experience with virtualization technologies such as VMWare or VirtualBox
* Experience with computer forensics and malware analysis
* Critical thinking and problem solving skills
* Ability to quickly learn new technologies and respond to changing requirements and environment
* Ability to work independently and in a cross functional team
* Ability to identify both tactical and strategic solutions to complex issues


BS or equivalent + 7 yrs related experience, or MS + 5 yrs related experience


CISSP or GIAC certification is desirable.




# of Openings:


Scheduled Weekly Hours:


Telecommuting Options:

Some Telecommuting Allowed

Work Location:

USA NC Durham - 79 TW Alexander Dr (NCS005)

Additional Work Locations:

CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. - provided by Dice
