Information Technology -> Cyber
Stuttgart, BW
•
ID: 939-383
•
Full-Time/Regular
The Cybersecurity Incident Response Analyst is responsible for monitoring, analyzing, and responding to security incidents across various data sources and environments. This role involves validating and categorizing incidents, ensuring they are accurately reported according to the Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B, and implementing appropriate response measures.

REQUIREMENTS

• U.S. citizenship.
• Secret Clearance; must be eligible for TS/SCI
• Bachelor’s degree in a relevant field or three years of relevant experience, preferably in a DoD setting.
• Willingness to travel up to 15% internationally; emergency travel may be required on 72-hour notice.
• Must possess IAT Level II and CSSP Compliant Certifications.

• Maintain and understand the directives of CJCSM 6510.01B.
• Develop and manage internal standard operating procedures (SOPs) related to cybersecurity operations.
• Ensure documentation and cybersecurity measures comply with CJCSM 6510.01B and other related policies.
• Conduct network intrusion detection, monitor systems, and perform correlation analysis to support the Cybersecurity Service Provider (CSSP) and its clients.
• Analyze suspicious events to confirm security incidents and document them in required systems.
• Coordinate with Joint Force Headquarters DoD Information Network (JFHQ-DoDIN) and other entities to ensure thorough incident analysis and reporting.
• Provide round-the-clock support for incident responses as required by CSSP, including outside of core business hours.
• Conduct digital forensics on network and host systems, particularly Microsoft Windows, to support significant incident investigations.
• Utilize tools such as Wireshark for full packet capture analysis and employ log correlation techniques using Splunk and other tools.
• Engage in signature development for IDS/IPS solutions and participate in security evaluations and certifications.