Share this Job

Senior Cyber Defense Analyst & Incident Responder

Apply now »

Date: Aug 7, 2022

Location: Sterling, VA, US

Company: NTT DATA Services

Req ID: 197142 

NTT DATA Services strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Senior Cyber Defense Analyst & Incident Responder to join our team in Sterling, Virginia (US-VA), United States (US).

All of the duties listed support one or more of the following cybersecurity related functions; information security, SPAA, incident response, cyber security, insider threat, computer forensics, vulnerability assessment and management, network data capture, intrusion detection, log management, auditing, security incident and event management (SIEM), and penetration testing.


Personnel assigned to this role will serve primarily on the Operations & Response (O&R) Team; however, this role may also support the Vulnerability Assessment and Penetration Test (VAPT) and Engineering teams. This role is also responsible for coordinating with both the Cybersecurity Services Section and other sections or divisions within the organization.


Job Duties:

  • Performs network security monitoring and incident response for a large organization.
  • Coordinates with other government agencies to record and report incidents.
  • Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
  • Monitors Security Information and Event Management (SIEM) to identify security issues for remediation.
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information. Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
  • Assists with implementation of counter-measures or mitigating controls.
  • Supports efforts to consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks.
  • Supports Team Lead on developing recommendations for changes to Standard Operating Procedures and other similar documentation.
  • Monitors and reviews logs from existing security tools and creates new security tool signatures to ensure maximum performance and availability.
  • Performs all aspects of intrusion detection, log and audit management, network and database vulnerability assessment and compliance management, and security configuration.
  • Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Also manages accounts, security devices, and patches; responsible for access control/passwords/account creation and administration.
  • Analyze collected information to identify vulnerabilities and potential for exploitation.
  • Provides support in the identification, documentation, and development of computer and network security countermeasures.
  • Identifies network and operating systems vulnerabilities and recommends countermeasures.
  • Supports the deployment and integration of security tools as needed.
  • Prepares written reports, and provides verbal information security briefings.
  • Investigates, monitors, analyzes, and reports on information security incidents.
  • Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats.
  • Use mitigation, preparedness, and response and recovery approaches, as needed to maximize information security.
  • Provides incident handling support for incident detection, analysis, coordination, and response.
  • Monitors network to actively remediate unauthorized activities.
  • Monitors intrusion detection sensors and log collection hardware and software to ensure systems are collecting relevant data.
  • Monitors all security systems to ensure maximum performance and availability.
  • Analyze computer security threat information from multiple sources, disciplines, and agencies across.


Federal Job Posting Language (eff. 1/24/2022)

Candidates for this position will be required to adhere to NTT DATA’s and its clients’ COVID-19 health and safety protocols. NTT DATA is committed to complying with the Safer Federal Workforce Task Force COVID-19 Workplace Safety Guidance for Federal Contractors and Subcontractors to the extent it is enforced by the federal government or any of its clients. If this position becomes subject to a COVID-19 vaccination mandate based on applicable law or client requirement, candidates will be required to become fully vaccinated as defined by NTT DATA or be approved for an exemption in accordance with applicable law.


Basic Qualifications:

  • Ten (10) years of documented work experience performing any combination of Information System Security, Security Assessment & Authorization, Cybersecurity, Computer Forensics, or Insider Threat, to include:
    • Demonstrated experience performing vulnerability assessment, analysis, and mitigation; analyzing security system logs, security tools, and data; network monitoring, and intrusion detection using host-based and network-based intrusion detection systems (IDS) and log management applications; testing, installing, patching, and upgrading computer hardware and operating systems (Windows, and UNIX) in an enterprise environment; identifying, collecting, processing, documenting, reporting, cyber security/incident response events; architecting, engineering, developing and implementing cyber security/incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications.
    • Experience performing requirements analysis, program development activities, architecting, engineering, integrating, developing and/or deploying information technology products (hardware and software) in an enterprise environment.
    • Experience using one or more of the following security tools: SourceFire, Arcsight, Splunk, NetWitness, Guidance Software, Digital Guardian, SureView, Intelliview, Nessus, and Foundstone.
    • Penetration testing experience for networks, web applications, and enterprise systems. Experience with Federal cybersecurity standards, industry best practices and guidelines.
  • Master’s degree (or equivalent combination of education and work experience); Bachelor's degree and 4 years of additional experience
  • Secret security clearance


About NTT DATA Services

NTT DATA Services is a global business and IT services provider specializing in digital, cloud and automation across a comprehensive portfolio of consulting, applications, infrastructure and business process services. We are part of the NTT family of companies, a partner to 85 % of the Fortune 100.

NTT DATA Services is an equal opportunity employer and considers all applicants without regarding to race, color, religion, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic protected by law. We are committed to creating a diverse and inclusive environment for all employees. If you need assistance or an accommodation due to a disability, please inform your recruiter so that we may connect you with the appropriate team.

Nearest Major Market: Washington DC

Job Segment: Testing, Cloud, Information Security, Open Source, Consulting, Technology