Network Forensic Analyst III
1 month ago
Network Forensic Analyst
Multi Year Salaried Contract
2-3 Weeks of Training in Arlington, VA
Consultants living within 50 miles of Arlington, VA will need to be onsite 1 time per week
Hybrid (2-3) days onsite for consultants living closer than 50 miles to Arlington, VA
The Client's Hunt and Incident Response Team (HIRT) secures the nation's infrastructure. HIRT provides the Client's front-line response for cyber incidents and proactive hunting for malicious cyber activity.
The Client provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks. The Client provides HIRT advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities. Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans.
Responsibilities:
Assists the Government lead in coordinating teams in preliminary incident response investigations
Assists the Government lead with interfacing with the customer while on site
Determines appropriate courses of action in response to identified and analyzed anomalous network activity
Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
Assists with the writing and publishing of Computer Network Defense guidance and reports on incident findings to appropriate constituencies
Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents
Analyzes identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
Collects network device integrity data and analyzes it for signs of tampering or compromise
Assists with real-time CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements
Assists with developing analytic solutions for mapping network traffic back to Threat TTPs
Provides input to the Government lead in developing processes, standards, WIs, or SOPs
Required Skills:
U.S. Citizenship
Must have an active TS/SCI clearance
Must be able to obtain Client Suitability
5+ years of directly relevant experience in network investigations
In-depth knowledge of CND policies, procedures and regulations
In-depth knowledge of TCP/IP protocols
In-depth knowledge of standard protocols: ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, etc.
In-depth knowledge and experience of Wi-Fi networking
In-depth knowledge and experience of network topologies - DMZs, WANs, etc.
Substantial knowledge of Splunk (or other SIEMs)
Understanding of MITRE Adversarial Tactics, Techniques and Common Knowledge (ATT&CK)
Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
Ability to identify and analyze anomalies in network traffic using metadata
Experience with reconstructing a malicious attack or activity based on network traffic
Experience examining network topologies to understand data flows through the network
Must be able to travel domestically on short notice
Must be able to work collaboratively across physical locations
Desired Skills:
Substantial knowledge of network device integrity concepts and methodologies
Proficiency with network analysis software (e.g. Wireshark)
Proficiency with carving and extracting information from PCAP data
Proficiency with non-traditional network traffic (e.g. Command and Control)
Knowledge of ICS/OT protocols
Substantial knowledge of Arkime
Experience with network sensors (e.g., Corelight, Cisco FMC, Suricata)
Required Education:
BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 7-9 years of network investigations experience.
Desired Certifications:
- DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst, GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
Please send your resume to janice.dicicco@ampcus.com