Incident Management SME

Job#: 2007019

Job Description:

If you are interested in this role, please send your most up-to-date resume to "Denni" at [email protected]
Our client is looking for a candidate who will become part of their Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes.  The DSCM program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical and administrative support to aid and advise DoS Cyber & Technology Security (CTS) Directorate.  This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. 

  
The CIRT Incident Management SME role will be located in Beltsville, MD and Rosslyn, VA.
This role supports the Cyber Incident Response Team (CIRT) as a key member of the Incident Response Tiger Team.

The customer requires every employee to be onsite for the first 90 days. After the 90-day period, a hybrid schedule may be offered.
 
What you’ll do: 
  • Provide Subject Matter Expert (SME) level incident management support in a 24x7x365 environment.
  • Share in-depth knowledge and intelligence gained from cyber security events with stakeholders.
  • Protect against and prevent potential cyber security threats and vulnerabilities.
  • Provide SME level response, technical assistance and expertise for significant cyber incidents, investigations and related operational events.
  • Conduct advanced analysis and recommend remediation steps.
  • Develop and implement training programs for incident handling analysts.
  • Conduct detailed research to increase awareness and readiness levels of the security operations center.
  • Review, draft, edit, update and publish cyber incident response plans.

Minimum Qualifications:
  • Bachelor’s Degree and a minimum of 14 years’ experience or a Master’s Degree and a minimum of 12 years’ experience is required. An additional 4 years of experience may be used in lieu of degree.
  • Ability to obtain Top Secret security clearance is required; candidates can join with a Secret clearance.
  • Must have one of the following certifications:
    • CASP+ CE
    • CCNP Security
    • CISA
    • CISSP (or Associate)
    • CISSP-ISSAP
    • CISSP-ISSEP
    • GCED
    • GCIH
 
  • Ability to manage and resolve highly complex cyber incidents.
  • Ability to recommend sound countermeasures to malicious cyber activity.
  • Experience in the development of policies and procedures to investigate cyber incidents for the enterprise network.
  • Experience handling nation-state level cyber incidents.
  • Experience with evidence collection, custody and control procedures.
  • Experience in incident triage.
  • Perform cyber defense trend analysis and reporting.
  • Experience with the ServiceNow platform. 
  • Demonstrated knowledge of the Incident Response Lifecycle.
  • Demonstrated ability to utilize and leverage forensic tools to assist in determining scope and severity of a cybersecurity incident.
  • Ability to identify remediation steps for cybersecurity events.
  • Strong organizational skills.
  • Proven ability to operate in a time-sensitive environment.
  • Proven ability to communicate orally and in writing.
  • Proven ability to brief (technical/informational) senior leadership.

Preferred Qualifications:
  • Experience developing processes and procedures within a help desk or security operations center environment.
  • Knowledge of network architecture, design and security.
  • Knowledge of malware analysis, monitoring, and cloud tools and techniques.
  • Knowledge of system design and process methodologies.
  • Experience in developing and delivering comprehensive training programs.
  • Experience collaborating with cross functional teams.
  • Experience working in the inter-agency environment. 
  • Ability to communicate technical concepts to executive level leadership.

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178.

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.

Employee Type:
Contract

Location:
Arlington, VA, US

Job Type:

Date Posted:
December 12, 2023