
Incident Handler (DCO)

Incident Handler (DCO) with a TS/SCI

Founded in 1989, CALNET, Inc. is a privately held company in the Technology, Intelligence Analysis, and Language Services consulting arena. Headquartered in Reston, VA and with a branch office in San Diego, CALNET employees deliver true value to our customers by employing best practices, world-class technologies and industry expertise in every project. CALNET is ISO 9001, ISO 20000, CMMI-Level III and ISO 27001:2013 certified.

We are currently searching for a talented, professional "Incident Handler (DCO)" in Fort Huachuca, AZ. We are looking for a candidate with an Information Technology (IT) services background for a US Army Regional Cyber Center - Continental United States (USARCC-C) contract.

US Army Cyber Command (ARCYBER) serves as the Army Service Component Command to USCYBERCOM for Cyberspace Operations and is under Tactical Control (TACON) to Joint Forces Headquarters Department of Defense Information Network (JFHQ-DoDIN) for DoDIN Operations and Defensive Cyberspace Operations (DCO). ARCYBER is the primary Army headquarters responsible for cyberspace operations in support of Army and Joint requirements and serves as the single point of contact for reporting and assessing Army cyberspace incidents, events and operations in Army networks, and for synchronizing and integrating Army responses thereto.

Responsibilities:

Capture and perform initial analysis on captured volatile data, log data, captured network traffic data, etc. to identify any immediate intrusion-related artifacts, which in turn will allow immediate defensive countermeasures to be implemented. Develop necessary procedures or scripts to identify such data.

Immediately upon capture of volatile data and/or power down of each individual system, in conjunction with ACOIC FMA RCC request, coordinate the shipment of original forensic evidence (hard drive, USB drive, etc.) to ACOIC G33 DCO FMA for initial forensic imaging.

Works and interacts with other DCO professionals internal and external to Army Cyber Command, with Law Enforcement and Counter Intelligence LNOs, and intelligence professionals as a technical specialist to understand higher-level adversary capability.

Documents, updates and enhances processes and procedures by producing training materials, standards documents and reports.

Will have strong working knowledge and experience with all Windows OS platforms including but not limited to: Windows 7/8/10, Server 2K3/2K8/2012/2016.

Will have working knowledge and experience with varying flavors of Unix/Linux platforms, and Apple-based operating systems.

Required Skills:

Minimum 5+ years of IT Security related experience.

Possess exceptional knowledge and experience with commercial computer incident triage tools including but not limited to: CCIU LogCollector, EnCase Enterprise / Cybersecurity, AccessData eDiscovery, Mandiant Redline, Tanium, etc.

Certifications:

GIAC Certified Forensic Analyst (GCFA)
GIAC Certified Incident Handler
IAT Level II Baseline Certification (i.e. Security+)
ITIL Foundation Certified (or must be able to obtain within 3 months of contract start or hiring date)

In-depth experience with ITIL best practices, including utilizing Remedy ITSM.

Education:

BS degree (MS preferred) in a technical field (Engineering, Physical Sciences, Mathematics, or Management Information Systems), or the equivalent combination of education, technical training, or work/military experience.

JC1292
Salary Range: NA
Minimum Qualification
5 - 7 years

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.