World Wide Technology

Senior Cyber Defense Incident Responder

San Antonio, TX

Why WWT?

At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clients.

WWT was founded in 1990 in St. Louis, Missouri. We employ more than 10,000 people globally and closed nearly $20 billion in revenue in 2023. We have an inclusive culture and believe our core values are the key to company and employee success. WWT is proud to have been included on the FORTUNE "100 Best Places to Work For®" list 12 years in a row!



Want to work with highly motivated individuals on high-performance teams? Join WWT today!

Why should you join the Government Services team?

Our Government Services team provides cleared resources with a global reach to federal civilian, Department of Defense (DoD) and intelligence community markets. We excel at delivering innovative, operationally ready, and cost-effective IT solutions that accelerate the interoperability and resiliency of mission critical systems.

Want to learn more about Government Services? Check us out on our platform:

https://www.wwt.com/public-sector

https://www.wwt.com/government-services

Location: San Antonio, TX

Clearance Needed: TS/SCI

What will you be doing?

The Cyber Defense Incident Responder will analyze digital evidence and investigate computer security incidents to derive useful information in support of system/network vulnerability mitigation.

RESPONSIBILITIES:

  • Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
  • Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
  • Coordinate incident response functions.
  • Perform cyber defense trend analysis and reporting.
  • Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
  • Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.
  • Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Perform cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
  • All other cybersecurity duties as defined by CSSP.

QUALIFICATIONS:

  • 7+ years of experience in network security, IDS alerts, firewalls, and analyzing traffic logs, and knowledge of computer networking concepts and protocols, and network security methodologies.
  • Bachelor's Degree or Higher in Cybersecurity or related field
  • Security Clearance: Top Secret/SCI with potential for higher read-ins.
  • Must be IAT II certified (Security+)
  • IAT III/CISSP preferred
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
  • Knowledge of cybersecurity principles.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of specific operational impacts of cybersecurity lapses.
  • Knowledge of disaster recovery continuity of operations plans.
  • Knowledge of how network services and protocols interact to provide network communications.
  • Knowledge of incident categories, incident responses, and timelines for responses.
  • Knowledge of incident response and handling methodologies.
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.
  • Knowledge of cyber defense policies, procedures, and regulations.
  • Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored]).
  • Knowledge of basic system administration, network, and operating system hardening techniques.
  • Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

  • Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
  • Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
  • Paid Time Off: PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavement
  • Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

Equal Opportunity Employer Minorities/Women/Veterans/Individuals with Disabilities

Client-provided location(s): San Antonio, TX, USA
Job ID: world_wide_technology-5001025760700
Employment Type: Other