XOR Security is currently seeking a Cyber Exercise Planner to support an Agency-level SOC. The SOC program provides comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise. To support this vital mission, XOR staff are on the forefront of providing Advanced CND Operations, and Systems Engineering support to include the development of advanced analytics and countermeasures to protect critical assets from hostile adversaries. To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. Strong written and verbal communications skills are a must. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables with experience in complex malware analysis techniques, scripting, coding, and content development. Examples of complex analysis techniques include malware de-obfuscation, examining code, sandbox/dynamic analysis, and memory analysis.
Duties and Responsibilities:
- As a member of the DHS NCCIC National Cyber Exercise and Planning Program (NCEPP), build realistic, challenging, and relevant exercise scenarios that meet strategic and operational exercise objectives for state, local, territorial, tribal, federal, and international stakeholders.
- Provide end to end cyber exercise support including scheduling, coordinating, and conducting planning meetings, work group meetings, and exercise facilitation.
- Gather and analyze facts, draw conclusions, conduct analysis, devise recommended solutions, and package the entire process into briefings, papers, or reports suitable for executive- level leadership.
- Support full spectrum of cyber exercises including: Seminars/Workshops, Tabletop Exercises (TTX), Functional Exercises (FE) and Full-Scale Exercises (FSE).
- Represent the organization as the prime technical, cyber and exercise, contact during exercise planning, conduct, and post exercise. Interact with senior external personnel on significant technical matters often requiring coordination between organizations.
- Strong leadership experience or capacity required.
- Planning and conducting exercises and report preparation experience is required.
- Understanding of the various types of cyber threats and attack vectors, and the consequences of cyber attacks.
- Strong ability to schedule, announce, plan, coordinate and execute large-scale, dynamic planning conferences, work group meetings, interim progress reviews, teleconferences and both secure and unclassified video-teleconferences.
- Homeland Security Exercise and Evaluation Program (HSEEP) course.
- Cyber related certifications (CISSP, CompTIA Security +, etc.)
- Other FEMA emergency response or COOP training.
- Ability to lead a team of exercise planners during the planning and conduct of cyber exercises.
- Ability to produce results in a fast-paced environment with the ability to meet iterative deadlines.
- Ability to facilitate discussion based exercises for groups of up to 100 people.
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and ACTIVE TOP SECRET CLEARANCE REQUIRED.