CSSP Incident Coordinator
ICF is seeking an ambitious CSSP Incident Coordinator to oversee operations within the programs CSSP. The contractor is responsible for producing guidance for the project CSSP enclave, assisting with risk assessments and risk management for organizations within the enclave, and are responsible for managing the technical classifications within the Incident Coordination organization.
Execute, draft, edit, and maintain SOP documentation
Implement and enforce DCO policies and procedures reflecting applicable laws, policies, procedures, and regulations
Provide coordination of significant incidents with USCYBERCOM and supported entities to ensure proper analysis is performed and timely and accurate reporting of the incident is affected
Provide support for the CSSP’s Incident Response 24x7 support capability during non-core business hours consistent with CSSP requirements
Manage the publishing of DCO guidance for the enclave constituency
Provide incident reports, summaries, and other situational awareness information to higher headquarters
Execute incident response in accordance with project CSSP approved SOPs (e.g., coordinate documentation, work efforts, resource utilization within the organization) from inception to final remediation and after action reporting
Utilize CSSP approved SOPs to manage threat or target analysis of DCO information and production of threat or target information within the network or enclave environment
Manage the monitoring of external DCO data sources to maintain enclave situational awareness
Provide, develop, and maintain a network forensic analysis capability to enhance response to, support of, and investigation into significant incidents to provide a clearer view of the exploits, vulnerabilities, and TTPs used to cause the incident
Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other DCO information as prescribed in CSSP approved SOPs
Assist the CSSP with risk analysis and management activities for the enclave
Utilize NIWC CSSP approved SOPs to track compliance audit findings, incident after-action reports, and recommendations to ensure appropriate mitigation actions are taken
Participate in program reviews and onsite certification evaluations
Coordinate with Incident Response and Infrastructure Support staff to meet CSSP requirements
- 5+ years relevant IT experience.
- Bachelor's degree or equivalent experience
- Security clearance required - DOD preferred
- An advanced understanding of current threats and trends present in the Information Security and Technology field
- Advanced knowledge of network technologies and protocols
- Strong initiative and a personal interest in Information Technology Security
- People skills and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details
- Knowledge of computer programming languages and scripting languages. Previous scripting and coding experience is desired but not required
- Excellent written and verbal communication skills.
- Excellent problem solving skills.
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you’re seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF—together for tomorrow.
ICF is an equal opportunity employer that values diversity at all levels. (EOE – Minorities/Females/ Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity). For more information, please read our EEO & AA policy.
Reasonable Accommodations are available for disabled veterans and applicants with disabilities in all phases of the application and employment process. To request an accommodation please email firstname.lastname@example.org and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.
DC Client Office (DC88)