Cyber Incident Manager with Security Clearance
Modis, Inc. - Arlington, VA
Job Description
Work History

We look for experience with: basic understanding of host and network forensics; understanding log review; ability to differentiate between malign and malicious activities; experience with firewalls; incident response; Windows event managers; Windows Event IDs; MITRE ATT&CK processes; understanding of legal requirements; attack vectors; tactics, techniques and protocols (TTPs), etc.

Operational Tools

* Splunk use is a must. Splunk certs are great. Operational use is key.

Intermediary proficiency and understanding of applications: FTK, Encase, Axiom, Xways, Mandiant HX, FireEye, SOF-ELK, Moloch, Wireshark, Network Miner, NetWitness, CyberChef, Corelight, Security Onion, ArcSight, Zeek/Bro, Gigamon or other Packet Brokers, ELKStack, ArcSight, SourceFire, Tanium, Palo Alto, TCPDump, Tshark, Nagios, Suricata, Corelight, Various Firewalls (F/W) and Router setup/admin, DomainTools (IRIS), AWS Cloud, MS Azure, Google Cloud
Created: 2026-03-07