Position: Incident Response Specialist, TS/SCI Clearance Required, Wallops Island, VA
Posted: 06/20/2023
GRIMM Cyber, a market leader in offensive and defensive tailored cyber security solutions for commercial and government applications, is hiring Incident Response Specialists to help defend NASA enterprise networks against global cyber threats. Since 2013, GRIMM has delivered cybersecurity testing and research to harden avionics and satellite platforms, commercial products and applications, and Federal IT networks to improve cyber resilience. We are looking to grow our team of cyber security professionals committed to client excellence, professional development, and growing technical knowledge for real-world applications.
Incident Response (IR) Specialists will provide full-spectrum support to all aspects of NASA’s Security Operations Center’s (SOC) IR mission including activities such as incident identification, containment, recovery, eradication, investigation, analysis, reporting, and follow-up on all cybersecurity incidents, privacy or CUI breaches that affect the agency. Team members will provide services to protect, detect and respond to unauthorized activities affecting NASA information, information systems, and networks.
Once selected, team members will:
Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation
Assist the Government in coordinating NASA’s response to agency-wide and/or significant cyber incidents and providing oversight for this service
Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level
Review cyber intelligence threat reports, including but not limited to SOC MARs, SOC SARs, and DHS/CISA Emergency Directives, and take appropriate actions
Provide analysis reports to potentially affected organizations in accordance with NASA’s guidance to ensure complete, effective, and resource-efficient mitigation strategies
Develop and deliver initial and final incident reports in accordance with DHS/CISA Federal Incident Notification Guidelines, NASA Incident Response Management IT Security Handbook, NIST SP 800-6
Develop and provide after-action incident reports, including root cause analysis, lessons learned, etc., as requested
Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative
Maintain all technical details, reports, and incident status, and document all required incident response information in incident reports in NASA’s authoritative incident management system
Document all incident response activities in NASA’s authoritative incident management system
Assist the Government in developing requirements and configurations for NASA’s authoritative incident management system and other IR tools and applications
Prepare detailed reports, assessments, presentations, and briefings on cybersecurity incidents, the results of analyses, and recommendations as requested
Recommend rules and policies (including defining the events to log) for Incident Detection and Incident Response tools and applications
Support the development of weekly, monthly, quarterly, and annual incident response trends and metrics
Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements
Requirements:
Bachelor's Degree with 12 years of professional experience
US Citizenship required
Active TS/SCI security clearance with the ability to obtain and maintain a favorably adjudicated NASA background investigation
Demonstrated understanding of cyber attacks and potential impacts against enterprise IT systems for IR, mitigation, and recovery efforts
One or more DoD 8570.01-M Approved Baseline Certifications (e.g., Network+, CySA+, CISSP, GSEC, etc.)
Must be able to work onsite in work location shown below
Location: Wallops Island, VA 23337. Due to the hands-on nature of much of our work, preference is for candidates already located in, or willing to relocate at their own expense to, the work location.
Why GRIMM?
GRIMM offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Work with a team of skilled people who think hacking is fun
Medical/dental/vision insurance that begins on Day 1
$0 premium option for Medical, Dental and Vision for you and your dependents
401(K) Retirement Plan with a 5% company match and no vesting period
Health & Dependent Care Flexible Spending accounts are available options
Paid Parental Leave
11 paid holidays a year, including MLK Day, Juneteenth, Indigenous Peoples' Day, and Veterans Day
GRIMM is a pioneering cybersecurity organization led by business-savvy experts. Our services are informed by extensive experience working with advanced threats, discovering critical vulnerabilities, and demonstrating meaningful solutions for advanced problems. Our insight is built on operational experience in solving the most challenging cybersecurity problems. Our engineers, researchers, and exploit mitigation experts actively hunt for unknown and undocumented threats.
GRIMM works with government and commercial clients from various industries, services, and specialties that require the ability to uncover security gaps and areas of exposure at every level. Learn more about us at grimmcyber.com.
GRIMM promotes a Drug-Free Workplace, is an Equal Opportunity Employer, and is an Affirmative Action Employer. We participate in E-Verify.