Sr. Cybersecurity Incident Response Specialist

BERING STRAITS PROFESSIONAL SERVICES LLC

Washington DC, DC

JOB DETAILS
SALARY
$100,000–$120,000 Per Year
JOB TYPE
Part-time
SKILLS
Analysis Skills, Android, Artificial Intelligence (AI), Automation, Background Investigation, CCSP - Certified Cloud Security Professional, CEH - Certified Ethical Hacker, CISA - Certified Information Systems Auditor, Cloud Computing, CompTIA - Computing Technology Industry Association, CompTIA Security+, Computer Hacking, Computer Networks, Computer Science, Computer Security, Consulting, Content Development, Cross-Functional, Customer Support/Service, Cyber Threat Hunting, DNS (Domain Name System), Database Programming Languages, DevOps, Documentation, Email Technology, Environmental Work, Establish Priorities, FISMA - Federal Information Security Management Act, FTP (File Transfer Protocol), Federal Laws and Regulations, Firewalls, GCIH - GIAC Certified Incident Handler, Government, HTTP (Hypertext Transfer Protocol), HTTPS (Hypertext Transfer Protocol Secure), Homeland Security, Incident Response, Information Technology & Information Systems, Interaction Flow Diagram, Internet Security, Leadership, Linux Operating System, Machine Learning, Malware Analysis, Memory Hardware, Mentoring, Metrics, Microsoft Active Directory, Microsoft Product Family, Microsoft Windows Azure, Microsoft Windows Operating System, Military, Mobile Devices, Mobile Technology, Network Protocols, Network Routing, Network Switching, Network Traffic Analysis, Operational Audit, Operations Planning, Phishing, Physical Demands, Power BI, Presentation/Verbal Skills, Private Security, Python Programming/Scripting Language, Reporting Dashboards, Research Skills, Reverse Engineering, SMTP (Simple Mail Transfer Protocol), SSH (Secure Shell), Scripting (Scripting Languages), Secondary School, Secure/SSH File Transfer Protocol (SFTP), Security Analysis, Security Information and Event Management (SIEM), Standard Operating Procedures (SOP), State Laws and Regulations, Subnet, Team Player, Telemetry, Training/Teaching, U.S. National Institute of Standards and Technology (NIST), United States Citizen, Unix Operating Systems, VLAN (Virtual Local Area Network), Windows PowerShell, Writing Skills, iOS
LOCATION
Washington DC, DC
POSTED
1 day ago

About Bering Straits Professional Services

Paragon offers a wide range of environmental investigation, consulting, compliance, and remediation services as well as IT solutions, Facility O&M, Materiel Support, Supply and Security to both private- and public-sector clients throughout Alaska and the Continental U.S. Paragon’s experienced professional staff is dedicated to producing high-quality documentation and providing safe field execution to support its clients’ projects in line with local, state and federal guidelines and regulations.

About this position: Sr. Cybersecurity Incident Response Specialist

Location – Washington, DC

The Essential Duties and Responsibilities are intended to present a descriptive list of the range of duties performed for this position and are not intended to reflect all duties performed within the job. Other duties may be assigned. To perform this job successfully, an individual must be able to satisfactorily perform each essential duty. The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions of the position.

Wage/Salary Range: $100k - $120k

Applicants will be notified via phone or email within ten (10) business days of submittal.

Essential Duties & Responsibilities

  • Member of the SOC team, which provides 24x7x365 monitoring and incident response services for the organization’s networks, systems, applications, and web services.
  • Provide senior-level cybersecurity incident response expertise in support of the client’s incident response processes and procedures.
  • Develop operational baselines, such as data flows and application interactions, to enhance the SOC’s ability to respond to incidents.
  • Prepare and maintain playbooks and relevant scenarios, including narratives and visual diagrams, and review them continuously for compliance with NIST SP 800-61 and Government guidance.
  • Follow current guidance from NIST SP 800-61, the Federal Incident Notification Guidelines, CISA’s Cybersecurity Incident & Vulnerability Response Playbooks, and client guidance.
  • Monitor system status and data from deployed sensors, and triage alerts for validity whether they arrive through the Security Information and Event Management (SIEM) system, email, text, phone call, or any enterprise-managed dashboard.
  • Analyze all sources including network traffic, identity, fault, performance, and bandwidth information, alerts and data to augment detection of network anomalies and unauthorized activity.
  • Meet regularly with client stakeholders to develop content, analytic rules, alerts, dashboards, automation and identify ways to improve availability and efficiency of client’s incident response program.
  • Categorize, prioritize, and report on cybersecurity events in accordance with (IAW) SOPs and other relevant policy documents.
  • Implement cybersecurity mitigations leveraging client tools and systems.
  • Create and escalate cybersecurity investigations to internal and external entities such as DHS or other Government agencies within client- and Federally-defined timelines (the Federal Incident Notification Guidelines require reporting to CISA within one hour of an incident being identified).
  • Manage, coordinate, and respond to FOIA, audits, data calls, e-discovery and information requests.
  • Schedule and execute incident response tabletop exercises with each client FISMA system on an annual basis.
  • Review and handle phishing messages reported by client staff.

Required (Minimum Necessary) Qualifications

  • Education Requirements:
    • High school diploma or GED (General Educational Development) certificate
    • Bachelor’s degree in computer science or equivalent is preferred

  • Level of Experience Requirements: Minimum of five years of hands-on experience
  • Proven experience detecting, triaging, and responding to cyber incidents across enterprise networks and cloud environments.

Knowledge, Skills, Abilities, and Other Characteristics

  • Proficiency with SIEM, EDR/XDR platforms, and forensic tools.
  • Strong understanding of threat actor TTPs, MITRE ATT&CK framework, and incident containment strategies.
  • Ability to analyze network traffic, logs, and endpoint telemetry to identify malicious activity.
  • Familiarity with malware analysis, reverse engineering basics, and memory analysis concepts.
  • Experience developing and tuning detection rules, playbooks, and automated response workflows.
  • Working knowledge of incident response frameworks (e.g., NIST SP 800-61, SANS).
  • Understanding of vulnerability management, threat intelligence integration, and SOC metrics/reporting.
  • Understanding of basic computer and networking technologies:
    • Windows and Linux/Unix operating systems
    • Networking technologies (routing, switching, VLANs, subnets, firewalls)
    • Common network protocols – SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etc.
    • Common enterprise technologies – Active Directory, Group Policy, and the Microsoft Azure suite of cloud services
  • Understanding of current system logging technology and of retrieving log data from a wide range of technology platforms.
  • Ability to work well in a team environment.
  • Self-starter with ability to work with little supervision.
  • Willingness to take on and adapt to new, open-ended tasks for which there is no current standard operating procedure.
  • Ability to research independently and self-teach.
  • Strong analytical and decision-making skills under pressure.
  • Excellent written and verbal communication, including incident documentation and executive briefings.
  • Ability to lead investigations, mentor junior analysts, and collaborate with cross-functional teams.
  • Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Accordingly, U.S. Citizenship is required.

Preferred

  • Interest in security/hacking culture; ability to “think like an attacker”.
  • General cybersecurity certifications (one or more of the following preferred):
    • CompTIA Security+
    • CompTIA Cybersecurity Analyst (CySA+)
    • Certified Ethical Hacker (CEH)
    • GIAC Certified Incident Handler (GCIH)
  • Any cloud security certification, especially:
    • CompTIA Cloud+
    • Certified Cloud Security Professional (CCSP)
    • Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK)
  • Any Microsoft 365/Azure cybersecurity certification, especially:
    • Microsoft Certified: Security Operations Analyst Associate (SC-200)
    • Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
    • Microsoft Certified: Azure Fundamentals (AZ-900)
    • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  • Familiarity with the Microsoft 365 and Microsoft Azure suite of products, including Microsoft Sentinel and Microsoft 365 Defender (now Microsoft Defender XDR).
  • Knowledge of common enterprise technologies, policies, and concepts such as:
    • Microsoft Sentinel SIEM
    • Kusto Query Language (KQL)
    • Mobile device technologies (iOS, Android)
    • Scripting experience (PowerShell, Python, etc.)
    • Microsoft Power BI
    • Azure DevOps
  • Artificial Intelligence (AI) / Machine Learning (ML) expertise:
    • In-depth knowledge of AI and ML concepts
    • Practical application of AI/ML technologies to enhance cyber threat hunting and incident response capabilities
    • Experience with specific AI services offered within Microsoft Azure

Supervisory Responsibilities

  • This position will not have supervisory responsibilities.

DOT Covered/Safety-Sensitive Role Requirements

  • This position is not subject to federal requirements regarding Department of Transportation “safety-sensitive” functions.

Necessary Physical Requirements

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this role. Employees must always maintain a constant state of mental alertness. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

  • Essential and marginal functions may require maintaining physical condition necessary for bending, stooping, sitting, walking or standing for prolonged periods of time; most of time is spent sitting in a comfortable position with frequent opportunity to move about.

Work Environment

The work environment characteristics described here are representative of those an employee will encounter while performing the essential functions of the role. Employees must always maintain a constant state of situational awareness. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

Physical Setting: Washington DC

Schedule and Flexibility: Full Time in Office

Additional Qualifying Factors

As a condition of employment, you will be required to pass a pre-employment drug screening and have acceptable background check results. If applicable to the contract, you must also obtain and maintain the appropriate clearance levels required and must also be able to obtain access to military installations.

Shareholder Preference

BSNC gives hiring, promotion, training, and retention preference to BSNC shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job.

Bering Straits Native Corporation is an equal opportunity employer.  All applicants will receive consideration for employment without regard to any status protected by state or federal law, or any other basis prohibited by law.
