Center for Internet Security, Inc.

Computer Emergency Response Team Manager

Job Locations: US-Remote
ID: 2020-1290
Category: Cybersecurity Operations
Type: Regular Full-Time

Overview

The primary purpose of this position is to work as a member of the Multi-State Information Sharing and Analysis Center (MS-ISAC)/Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) Computer Emergency Response Team (CERT) to manage a team of CERT Analysts who respond to cyber incidents impacting State, Local, Tribal and Territorial (SLTT) governments. This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work. This position is expected to perform incident response and forensic analysis on advanced cases while leading the team.

What You'll Do

  • Supervise, coach, and mentor CERT members
  • Build and maintain successful relationships with existing and prospective members
  • Coordinate and lead efforts involving incident response and forensics for SLTT organizations and represent CIS in these engagements
  • Recommend improvements to policies, procedures, technologies, tools, techniques, and operational efficiencies
  • Maintain, develop and report on metrics relative to CERT activities
  • Oversee and directly participate in cybersecurity incidents and digital forensic analysis. This includes acquiring evidence from a variety of sources including networks, hosts, devices, and various systems
  • Create detailed reports of investigative activity for consumption by internal and external organizations
  • Other tasks and responsibilities as assigned

What You'll Need

  • Bachelor’s degree in a related field
  • 4+ years of full-time experience in digital forensics and incident response
  • 1+ year leading and managing people
  • Experience delivering technical presentations and reports and ability to articulate highly technical processes and information to a non-technical audience
  • Thorough understanding of advanced principles, theories, standards, practices, protocols, and procedures used in Digital Forensics / Incident Response
  • Understand various operating systems (Windows, Linux, Mac) and command line tools, network protocols, and TCP/IP fundamentals
  • Ability to conduct forensic analysis of mobile devices including Android, iOS, Blackberry, and cellular and tablet devices
  • Understanding of file system forensics including HFS, AFS, NTFS, FAT, EXT, and CDFS
  • Ability to maintain strict confidentiality
  • Excellent interpersonal communication skills and professional demeanor
  • Excellent problem solving and critical thinking skills, and ability to function and communicate under pressure
  • The position is open to U.S. citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions**
  • Must be authorized to work in the United States

It's a Plus if You Have:

  • Master’s Degree in a computer-related field
  • Experience with scripting languages such as Bash, Perl, or Python
  • Experience with forensic tools including FTK, SANS SIFT, and EnCase
  • Certifications in related areas (CFCE, CCE, GCFE, GCIH, GCFA, GCNA, GREM, etc.)

*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.

**Factors that may cause a negative Fitness Review decision include:

  • Criminal Conduct
  • Dishonest Conduct
  • Employment Misconduct
  • Alcohol Abuse
  • Drug Use (illegal drug use or use of a legal drug in a manner that deviates from approved medical direction). Additionally, illegal drug use includes the use of drugs that are illegal for federal purposes despite being legal in select states and countries, such as marijuana.
  • False Statements
  • Financial Issues
  • Have not resided in the US for three (3) of the past five (5) years
