Incident Response SME

Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America.

RMC is hiring an Incident Response SME to support an active government contract in Quantico, Virginia, providing defensive cyberspace operations and Cyber Security Service Provider (CSSP) functions. This position will support the government's mission to deny, disrupt, and degrade adversaries’ abilities and attempts to disrupt, exploit and attack the information technology (IT) services provided to network users.

The selected applicant will perform a variety of activities including but not limited to :

• Collect and analyze network and host artifacts from a variety of sources to include logs, system images and packet captures (pcap) to characterize activity, determine root cause, operational impact, and to enable rapid remediation and mitigation of cyber threats within the Enterprise Network through the investigation process.
• Performing cyber incident triage, including determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
• Manage and document cyber defense incidents from initial detection through final resolution.
• Conduct forensic analysis of device timeline, device memory, file systems, and pcap - Digital Forensics & Incident Response (DFIR).
• Providing expert technical support and performing real-time cyber defense incident handling tasks to support subordinate organizations and system owners.
• Perform quality assurance on routine cyber incident reporting to ensure accuracy and compliance to policies and procedures.
• Demonstrating effectiveness by successfully investigating and responding to Red Team activity.
• Make recommendations for alert tuning and creation of new detection use cases from information gathered during response to new techniques observed on the network.
• Mentor junior analysts and guide them through the investigation process as necessary.
• Updating the Incident Response tactics, techniques, procedures, training, and education documentation.
• Develop and refine curriculum for the supported customer's Incident Response Course.
• Preparing and presenting a course covering specific tactics, techniques, processes, and procedures related to this task at least four times per calendar year.
• Providing support required to maintain the customer's CSSP accreditation per the standards, including documentation and technical writing support as needed.

Requirements

This position is considered essential and will be required to report during hazardous weather, power outages, fuel shortages, pandemics, and other emergencies.

Benefits

At RMC, we're committed to your career growth! RMC differentiates itself from other firms through its investment in our employees. We invest our resources to train, certify, educate, and build our employees.

RMC can offer you a great place to work with a small company feel and give you the experience, tuition assistance, and certifications that will take your career to the next level. We offer Monday to Friday full-time day shift work, and can assist in paid relocation. This also includes a competitive paid vacation package with 11 paid federal holidays. Additionally, we also offer high-quality, low-deductible healthcare plans, pet insurance, and a competitive 401K package.

Salary at RMC is determined by various factors, including but not limited to location, a candidate's specific combination of education, knowledge, skills, competencies, and experience, as well as contract-specific requirements. The current salary range for this position will be $150,000 to $170,000 (annually).

#LI-LL1