- Must have an active TS/SCI clearance

- 5+ years of directly relevant experience in cyber incident management or cybersecurity operations

- Knowledge of incident response and handling methodologies

- Having close familiarity with NIST 800-62 (latest revision), and FISMA standards as they pertain to reporting incidents.

- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incident

- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)

All your information will be kept confidential according to EEO guidelines.