Cybersecurity Forensics Analyst
3 weeks ago
We are seeking Cybersecurity Forensics Analysts to support this critical customer mission.
Eligibility:
- Must be a US Citizen
- Must have an active Secret clearance with the ability to obtain a TS/SCI clearance
- Must be able to obtain Client Entry on Duty (EOD) Suitability prior to starting
- Must have 8+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
Responsibilities:
- Performs event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Assesses network topology and device configurations, identifying critical security concerns and providing security best practice recommendations
- Collects network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and uses discovered data to enable mitigation of potential incidents
- Collects network device integrity data and analyzes it for signs of tampering or compromise
- Analyzes identified malicious network and system log activity to determine weaknesses exploited, exploitation methods, and effects on system and information
- Tracks and documents on-site incident response activities and provides updates to leadership through executive summaries and in-depth technical reports
- Plans, coordinates, and directs the inventory, examination, and comprehensive technical analysis of computer-related evidence
- Serves as technical forensics liaison to stakeholders and explains investigation details
Required Skills:
- Experience with reconstructing a malicious attack or activity
- Ability to characterize and analyze network traffic, identify anomalous activity / potential threats, analyze anomalies in network traffic using metadata
- Ability to create forensically sound duplicates of evidence (forensic images)
- Able to write cyber investigative reports documenting forensics findings
- In-depth knowledge and experience of:
  - identifying different classes and characterization of attacks and attack stages
  - CND policies, procedures and regulations
  - proactive analysis of systems and networks, to include creating trust levels of critical resources
  - system and application security threats and vulnerabilities
  - network topologies, Wi-Fi networking, and TCP/IP protocols
  - Splunk (or other SIEMs)
  - vulnerability scanning, assessment and monitoring tools such as Security Center, Nessus, and Endgame
  - MITRE Adversarial Tactics, Techniques and Common Knowledge (ATT&CK)
- Must be able to work collaboratively across physical locations.
- Experience and proficiency with the following tools and techniques: EnCase, FTK, SIFT, X-Ways, Volatility, Wireshark, Sleuth Kit/Autopsy, and Snort
- EDR tools: CrowdStrike, Carbon Black, etc.
- Carving and extracting information from PCAP data
- Non-traditional network traffic: Command and Control
- Preserving evidence integrity according to national standards
- Designing cyber security systems and environments in a Linux environment
- Virtualized environments
- Conducting all-source research
Desired Certifications: GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNF