Cybersecurity Incident and Application Analyst

at  Delmock Technologies Inc

About Our Company:
Delmock Technologies, Inc. (DTI), is a leading HUBZone business in Baltimore, known for delivering sophisticated IT (Information Technology) and Health solutions with a commitment to ethics, expertise, and superior service. Actively engaged in the local community, DTI creates opportunities for talented residents while maintaining a stellar reputation as an award-winning contractor, earning accolades like the Government Choice Award for IRS (Internal Revenue Service) Systems Modernizations.
This position will depend on contact award and is expected to be a Hybrid role based in Bethesda, Maryland.
Role:
Delmock Technologies, Inc. is seeking a Cybersecurity Incident and Application Analyst to support the anticipated National Institutes of Health’s (NIH) Center of Information Technology’s (CIT) Risk Management Framework (RMF) and Cybersecurity Operations contract. As the CI&A analyst, you will play a crucial role in overseeing and optimizing the RMF and cybersecurity performance of our contract’s requirements from a network and cloud perspective.

Responsibilities:

• Conducts Network Security and Web Application Security within cloud technologies.
• Identifies the default/weak configurations, vulnerable ports, and insecure protocols.
• Identifies Malicious and Suspicious activities and assigns them appropriate criticality.
• Provides subject matter expertise in architecting and deploying tools and equipment to intercept and inspect network and email traffic, and in Endpoint technology to both end user workstations and servers.
• Assists in yearly IR tests.
• Produces reports for management and executive teams to review.

Experience in escalation procedures.

• Creates lessons learned from incidents and evaluates the effectiveness of IRP and improvises the procedures and SOPs accordingly.

Minimum Requirements:

• Bachelor’s degree or higher in Computer Science or relevant field.
• Minimum of Two (2) years of experience as a Cybersecurity Analyst.
• Expert knowledge of security industry best practices and standards, especially as it is related to compromise assessments.
• Deep understanding of computer intrusion activities, incident response techniques, tools, and procedures.
• Experience with the Enterprise Incident Response Cycle: Preparation, Detection & Analysis, Containment and Recovery, Post Incident Analysis.
• Good knowledge of NIST SP 800-61 and working knowledge in creating RACI charts.
• Working knowledge of security software such as Tenable, Splunk, and BigFix.
• Experience in FireEye technologies, IDS/IPS technologies (Palo Alto), SIEM (Splunk), Vulnerability detection tools like Tenable.
• Good understanding of Operating systems like Windows and Linux.

Highly Desired Certifications:

• E|CIH, OSCP, GCIH, Splunk.

Clearance:

• Public Trust Clearance or higher is required

Recently ranked as high as #3 among HUBZone Companies in a GOVWIN survey, DTI offers a dynamic environment for those passionate about impactful projects, community involvement, and contributing to a top-ranking Federal project support team.
At DTI, we balance continuous growth and innovation with a strong dedication to corporate social responsibility. Join our talented team and be part of a company that values both professional excellence and community impact. Explore the exciting career opportunities awaiting you at DTI!
DTI is committed to hiring and maintaining a diverse workforce. We are an equal opportunity employer making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class

• Conducts Network Security and Web Application Security within cloud technologies.
• Identifies the default/weak configurations, vulnerable ports, and insecure protocols.
• Identifies Malicious and Suspicious activities and assigns them appropriate criticality.
• Provides subject matter expertise in architecting and deploying tools and equipment to intercept and inspect network and email traffic, and in Endpoint technology to both end user workstations and servers.
• Assists in yearly IR tests.
• Produces reports for management and executive teams to review