Cybersecurity Operations Specialist - Tier 3

Northramp is looking for smart, creative individuals interested in helping grow something truly unique in our markets. While the ideal candidate is great at independently getting their work done, at the same time they are a team player who readily and proactively contributes to team activities to both the team and client’s consistent satisfaction. As a Northramp Manager, you are seen as an expert in the work that you do and are capable of leading specific initiatives within the team with little to no guidance.

We are currently looking for a Cyber Operations Specialist who will:

• Document the flow of data and identify multiple distinct data sources where suspicious behavior can be identified – must also be able to identify supplemental sources where similar data may be found.
• Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation.
• Review existing security events and lead in the development of refinements as necessary.
• Participate in the development of technical security standards to support policies including monitoring standards and incident investigation procedures.
• Respond to security requests from customers.
• Handle ad-hoc requests from leadership.

Required Qualifications

• Note: Presence on-site is mandatory for two days per week, either in Washington, DC, or Manassas, VA.
• 
  Subject Matter Expert (SME) on two (2) or more of the following: Log Analysis/Event Detection, Malware Analysis, Cloud Security, Network Access Control, Security Automation, Incident Response, Detection Engineering, Cyber Threat Hunting
• Coordinate incident response with security operations staff and serve as incident response or hunt lead.
• Ability to develop and document a hunt plan and the capability to develop standardized detection mechanisms based on the hunt plan.
• Ability to work with staff to develop a vision and independently lead the implementation of new capabilities.
• Ability to lead in the development and performance of quality control checks for Cybersecurity Operations.
• Ability to lead in the development and performance of operational metrics for Cybersecurity Operations.
• Ability to lead in the development and performance of project management for Cybersecurity Operations.
• Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation.
• Ability to identify new data sources for determination of security events:
• Analyze raw data sources to extract, institutionalize, and document actionable events.
• Review existing security events and propose refinements, automation, and/or broaden handling capabilities as appropriate.
• Ability to communicate the current status of security:
• Identify and report on metrics related to the operations of the team.
• Identify and report on project status related to augmenting detection ability.
• Ability to work with security tools that emulate adversary-like actions and personnel to develop, document, and test detection mechanisms and to close the loop by working with the applicable teams to improve security by resolving findings.
• Ability to develop detailed multi-month and resourced project plans providing timely updates.
• Work with executive management to determine acceptable levels of risk for the enterprise.
• Ability to lead in the development of technical security standards to support policies including monitoring standards and incident investigation procedures.
• Interact with other stakeholders in the community for troubleshooting/content development/etc. This interaction could include other members of other members of cybersecurity, the networking team, systems administrators, technology support partners, etc.
• Ability to handle quality assurance on events and escalations, including performing triage and root cause analysis on security events.
• Ability to support incident response and hunt activities – from performing active analysis, to developing and documenting additional detections, to developing an after-action plan and tracking its implementation.
• Ability to contribute to cybersecurity project plans providing timely updates.
• Ability to communicate the status of security operations, to include developing, executing, documenting, and training repeatable organizational metrics.
• Ability to determine gaps in current capabilities, evaluate new settings and technologies, and recommend improvements to remediate those gaps – at both a technical and process level.

Desired Qualifications

• Enduring Curiosity: A relentless desire to learn and solve complex problems.
• Innate Passion for Challenges: A deep appreciation for the journey and process of mastering skills.
• External Drive for Proficiency: A strong motivation to excel in consulting, IT, cybersecurity, and industry best practices.

Clearance

Ability to obtain a Public Trust clearance is required. Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to sensitive information.

COVID-19 Vaccine Mandate

Candidates must have received or be willing to receive the COVID-19 vaccination to be considered. Proof of vaccination is required. Medical and/or religious exemption requests will be considered. We will decide on your request for reasonable accommodation on a case-by-case basis.

About Northramp

At Northramp, our passion, our true north, is to help our clients cut through the fog and obtain technical and operational clarity to help them make the most significant impact possible. Focused like a laser on driving value for our clients, Northramp specializes in helping public and private sector clients streamline their IT operations, improve their technical services, and drive greater returns from IT investments.

If you are curious in learning more about Northramp, please visit our website at https://www.northramp.com.

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

Reasonable Accommodation Requests

Northramp is committed to working with and providing reasonable accommodation to individuals with physical and mental disabilities. If you need special assistance or an accommodation while seeking employment, please e-mail PeopleOPS@northramp.com or call: (866) 602-8688 - Northramp Human Resources. We will make a determination on your request for reasonable accommodation on a case-by-case basis.

EEO is the Law

The law requires Northramp to post a notice describing the Federal laws prohibiting job discrimination. For information regarding your legal rights and protections, please click on the following link: EEO is the Law and EEO is the Law Supplement.

Pay Transparency Non-Discrimination

Northramp will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. Please see the Pay Transparency Nondiscrimination Provision for more information.

E-Verify

As a Federal Contractor, Northramp is required to participate in the E-Verify Program to confirm eligibility to work in the United States. For information please click on the following link: E-Verify.