Network Forensic Analyst III

1 month ago

Arlington, United States CareerBuilder Full time

Network Forensic Analyst

Multi Year Salaried Contract

2-3 Weeks of Training in Arlington, VA

Consultants living within 50 miles of Arlington, VA will need to be onsite 1 time per week

Hybrid (2-3) days onsite for consultants living closer than 50 miles to Arlington, VA

The Clients Hunt and Incident Response Team (HIRT) secures the nations infrastructure. HIRT provides Clients front-line response for cyber incidents and proactive hunting for malicious cyber activity.

The Client . provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks. The Client provides HIRT advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities. Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans.

Responsibilities:

Assists the Government lead in coordinating teams in preliminary incident response investigations

Assists the Government lead with interfacing with the customer while on site

Determines appropriate courses of actions in response to identified and analyses anomalous network activity

Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations

Assists with the writing and publishing of Computer Network Defense guidance and reports on incident findings to appropriate constituencies

Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents

Analyzes identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information

Collects network device integrity data and analyze for signs of tampering or compromise

Assists with real-time CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements

Assist with developing analytic solutions for mapping network traffic back to Threat TTPs

Provide input to the Government lead in developing processes, standards, WIs, or SOPs

Required Skills:

U.S. Citizenship

Must have an active TS/SCI clearance

Must be able to obtain Client Suitability

5+ years of directly relevant experience in network investigations

In depth knowledge of CND policies, procedures and regulations

In depth knowledge of TCP/IP protocols

In depth knowledge of standard protocols

ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, etc.

In depth knowledge and experience of Wifi networking

In depth knowledge and experience of network topologies - DMZs, WANs, etc.

Substantial knowledge of Splunk (or other SIEMs)

Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (Telecommunication&CK)

Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources

Ability to identify and analyze anomalies in network traffic using metadata

Experience with reconstructing a malicious attack or activity based on network traffic

Experience examining network topologies to understand data flows through the network

Must be able to travel domestically on short notice

Must be able to work collaboratively across physical locations

Desired Skills:

Substantial knowledge of network device integrity concepts and methodologies

Proficiency with network analysis software (e.g. Wireshark)

Proficiency with carving and extracting information from PCAP data

Proficiency with non-traditional network traffic (e.g. Command and Control)

Knowledge of ICS/OT protocols

Substantial knowledge of Arkime

Experience with network sensors (e.g., Corelight, Cisco FMC, Suricata)

Required Education:

BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 7-9 years of network investigations experience.

Desired Certifications:

- DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst, GCIA, GCIH, CSSP Analyst/CSSP Incident Responder

Please send your resume to janice.dicicco@ampcus.com

#J-18808-Ljbffr

  • Network Forensic Analyst III

    6 days ago

    Arlington, United States iTech Solutions Full time

    Network Forensic Analyst Multi Year Salaried Contract 2-3 Weeks of Training in Arlington, VAConsultants living within 50 miles of Arlington, VA will need to be onsite 1 time per weekHybrid (2-3) days onsite for consultants living closer than 50 miles to Arlington, VAMust have ACTIVE TS Clearance The Client s Hunt and Incident Response Team (HIRT) secures the...

  • Network Forensic Analyst III

    6 days ago

    Arlington, United States Ampcus Incorporated Full time

    Network Forensic Analyst  Multi Year Salaried Contract  2-3 Weeks of Training in Arlington, VA Consultants living within 50 miles of Arlington, VA will need to be onsite 1 time per week Hybrid (2-3) days onsite for consultants living closer than 50 miles to Arlington, VA The Client’s Hunt and Incident Response Team (HIRT) secures the nation’s...

  • Network Forensics Cybersecurity Analyst

    1 month ago

    Arlington, United States Node.Digital Full time

    Job DescriptionJob DescriptionNetwork Forensics Cybersecurity Analyst / Network Based Systems AnalystLocation: Arlington, VAMust have Top Secret Security ClearanceNode provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks and advanced technical assistance, proactive...

  • Cloud Network Defense Analyst

    4 weeks ago

    Arlington, United States Cytech Services Full time

    Job DescriptionJob DescriptionCyber Technology Services, Inc. provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital...

  • Cloud Network Defense Analyst

    4 weeks ago

    Arlington, United States Cytech Services Full time

    Job DescriptionJob DescriptionCyber Technology Services, Inc. provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital...

  • Cybersecurity Forensics Analyst

    2 weeks ago

    Arlington, United States Nine Mind Solutions Full time

    We are seeking Cybersecurity Forensics Analysts to support this critical customer mission. Eligibility: Must be a US Citizen Must have an active Secret clearance with the ability to obtain a TS/SCI clearance Must be able to obtain Client Entry on Duty (EOD) Suitability prior to starting Must have 8+ years of directly relevant experience in cyber...

  • Network Based Cyber Forensics Analyst with Security Clearance

    1 month ago

    Arlington, United States MicroSys LLC Full time

    PROGRAM DESCRIPTION:The DHS’s Hunt and Incident Response Team (HIRT) secures the nation’s infrastructure. HIRT provides DHS’s front-line response for cyber incidents and proactive hunting for malicious cyber activity. MicroSys provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience...

  • Cloud Network Defense Analyst

    4 weeks ago

    Arlington, United States CyTech Services Full time

    Cyber Technology Services, Inc. provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR)...

  • Network Based Systems Analyst, Level III with Security Clearance

    1 month ago

    Arlington, United States Base One Technologies Full time

    Network Based Systems Analyst, Level IIIThis project is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Candidates will perform investigations to characterize of the severity of...

  • Cyber Network Forensic Analyst II with Security Clearance

    6 days ago

    Arlington, United States Nightwing Full time

    Date Posted:2024-04-05Country:United States of AmericaLocation:VA149: 1110 N Glebe Road Arlington 1110 North Glebe Road Suite 630, Arlington, VA, 22201 USAPosition Role Type:Hybrid You have been redirected to RTX's career page as we have recently transitioned from RTX to become a standalone company, which provides us with greater autonomy and opportunities...

  • Cloud Forensics Analysts with Security Clearance

    1 month ago

    Arlington, United States Base One Technologies Full time

    Our client is seeking Cloud Forensics Analysts (CFA) to support this critical customer mission. The CFA is a recently identified position for the HIRT and affords ample opportunities for training and career growth within the Cloud Forensics field. Responsibilities:• Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of...

  • Network Based Systems Analyst III

    1 month ago

    Arlington, United States Farfield Systems Full time

    Job DescriptionJob DescriptionFarfield will assist the Federal staff within the Cybersecurity and Infrastructure Protection Agency (CISA) Hunt and Incident Response Team (HIRT), and National Cybersecurity and Assessment and Technical Services (NCATS) branches, with a broad set of support functions. The Hunt and Incident Response Team is DHS’s front line...

  • Host-Based Systems Analysts III with Security Clearance

    1 month ago

    Arlington, United States Base One Technologies Full time

    Host-Based Systems Analysts III, or Cyber-Forensics Systems Analysts with active DoD TS/SCI eligible security clearance.In this position you will:• Assist in preliminary analysis by tracing an activity to its source and documenting findings for input into a forensic report• Document original condition of digital and/or associated evidence by taking...

  • Host Forensics Analysts/Host Based Systems Analyst

    1 month ago

    Arlington, United States Node.Digital Full time

    Job DescriptionJob DescriptionHost Forensics Analysts/Host Based Systems AnalystLocation: Arlington, VAMust have Top Secret Security ClearanceNode provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis...

  • Network Based Systems Analyst

    3 weeks ago

    Arlington, United States Solutions³ LLC Full time

    Job DescriptionJob DescriptionNetwork Based Systems Analyst - III - NBA03The DHS’s Hunt and Incident Response Team (HIRT) secures the Nation’s cyber and communications infrastructure. HIRT provides DHS’s front-line response for cyber incidents and proactively hunting for malicious cyber activity. Solutions3 Technologies (RTX), as a prime contractor to...

  • Network Based Systems Analyst

    3 weeks ago

    Arlington, United States Solutions³ LLC Full time

    Job DescriptionJob DescriptionNetwork Based Systems Analyst - III - NBA03The DHS’s Hunt and Incident Response Team (HIRT) secures the Nation’s cyber and communications infrastructure. HIRT provides DHS’s front-line response for cyber incidents and proactively hunting for malicious cyber activity. Solutions3 Technologies (RTX), as a prime contractor to...

  • Cybersecurity Host Based Forensics Analyst

    2 weeks ago

    Arlington, United States Solutions3 Full time

    Title: Cybersecurity Host-Based Forensics Analyst (L4) Description: Solutions³ LLC is supporting our prime contractor and their U.S. Government customer's Hunt and Incident Response Team (HIRT) to assist in securing the Nation's cyber and communications infrastructure. The HIRT provides front-line response for cyber incidents and proactively hunting for...

  • Network Based Systems Analyst III with Security Clearance

    1 month ago

    Arlington, United States Farfield Systems, Inc Full time

    Farfield will assist the Federal staff within the Cybersecurity and Infrastructure Protection Agency (CISA) Hunt and Incident Response Team (HIRT), and National Cybersecurity and Assessment and Technical Services (NCATS) branches, with a broad set of support functions. The Hunt and Incident Response Team is DHS's front line when responding to cyber incidents...

  • Cybersecurity Host Based Forensics Analyst

    1 month ago

    Arlington, United States Solutions³ LLC Full time

    Job DescriptionJob DescriptionTitle: Cybersecurity Host-Based Forensics Analyst (L4)Description:Solutions³ LLC is supporting our prime contractor and their U.S. Government customer’s Hunt and Incident Response Team (HIRT) to assist in securing the Nation’s cyber and communications infrastructure. The HIRT provides front-line response for cyber...

  • Cyber Network Defense Analysts

    4 weeks ago

    Arlington, United States BCMC Full time

    BCMC provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for...