Jobvertise
Forensics Analyst Host Based
Location: US-VA-Arlington

Salary: $75-85/hr
Location: Arlington, VA
Clearance: Secret

We are seeking a Senior Cybersecurity Host-Based Systems Analyst to perform investigations to develop a preliminary diagnosis of the severity of breaches.

Qualifications:
- Must have 8+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
- Experience with reconstructing a malicious attack or activity
- Ability to characterize and analyze network traffic, identify anomalous activity / potential threats, analyze anomalies in network traffic using metadata
- Ability to create forensically sound duplicates of evidence (forensic images)
- Able to write cyber investigative reports documenting forensics findings
- In-depth knowledge and experience of:
  - identifying different classes and characterization of attacks and attack stages
  - CND policies, procedures and regulations
  - proactive analysis of systems and networks, to include creating trust levels of critical resources
  - system and application security threats and vulnerabilities
  - network topologies, Wi-Fi networking, and TCP/IP protocols
  - Splunk (or other SIEMs)
  - Vulnerability scanning, assessment and monitoring tools such as Security Center, Nessus, and Endgame
  - MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
- Must be able to work collaboratively across physical locations.

Responsibilities:
- Performs event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Assesses network topology and device configurations, identifying critical security concerns and providing security best practice recommendations
- Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential incidents
- Collects network device integrity data and analyzes it for signs of tampering or compromise
- Analyzes identified malicious network and system log activity to determine weaknesses exploited, exploitation methods, and effects on system and information
- Tracks and documents on-site incident response activities and provides updates to leadership through executive summaries and in-depth technical reports
- Plans, coordinates, and directs the inventory, examination, and comprehensive technical analysis of computer-related evidence
- Serves as technical forensics liaison to stakeholders and explains investigation details

Nine Mind Solutions