Current jobs related to Digital Forensics SOC Analyst III - Crownsville - Transcend Business Solutions
-
Cyber Threat Intelligence Analyst
3 weeks ago
Crownsville, Maryland, United States Integres, LLC Full timeJob Title: Cyber Threat Intelligence AnalystIntegres, LLC is seeking a highly skilled Cyber Threat Intelligence Analyst to join our team. As a Cyber Threat Intelligence Analyst, you will be responsible for conducting all-source analysis, digital forensics, and targeted research to identify, monitor, assess, and counter the threat posed by criminal cyber...
-
Cyber Threat Intel Analyst
3 weeks ago
Crownsville, Maryland, United States iQuasar Full timeCyber Threat Intel AnalystiQuasar, LLC is seeking a highly skilled Cyber Threat Intel Analyst to join our team in Crownsville, MD. As a Cyber Threat Intel Analyst, you will be responsible for conducting all-source analysis, digital forensics, and targeted research to identify, monitor, assess, and counter the threat posed by criminal cyber...
-
Cyber Threat Intelligence Analyst
3 weeks ago
Crownsville, Maryland, United States DMI Full timeAbout the OpportunityDMI is seeking a Cyber Threat Intelligence Analyst to support a state customer.Duties and Responsibilities:Conduct all-source analysis, digital forensics, and targeted research to identify, monitor, assess, and counter the threat posed by criminal cyber actors.Utilize threat intelligence platforms and tools to mitigate potential threats...
-
Cyber Threat Intelligence Specialist
3 weeks ago
Crownsville, Maryland, United States Integres Full timeJob Summary:Integres, LLC is seeking a highly skilled Cyber Threat Intelligence Specialist to join our team. As a key member of our cybersecurity team, you will be responsible for conducting all-source analysis, digital forensics, and targeted research to identify, monitor, assess, and counter the threat posed by criminal cyber actors.Key Responsibilities:...
-
Cybersecurity Coordinator Manager
1 month ago
Crownsville, Maryland, United States DMI (Digital Management, LLC) Full timeAbout DMIDMI is a leading global provider of digital services, operating at the intersection of public and private sectors. With a broad range of capabilities across IT managed services, cybersecurity, cloud migration, and application development, DMI delivers on-site and remote support to clients within governments, healthcare, financial services,...
-
Cybersecurity Coordinator Manager
4 weeks ago
Crownsville, Maryland, United States DMI (Digital Management, LLC) Full timeAbout DMIDMI is a leading global provider of digital services, working at the intersection of public and private sectors. With broad capabilities across IT managed services, cybersecurity, cloud migration, and application development, DMI provides on-site and remote support to clients within governments, healthcare, financial services, transportation,...
-
Cybersecurity Coordinator Manager
1 month ago
Crownsville, United States DMI (Digital Management, LLC) Full timeAbout DMI DMI is a leading global provider of digital services working at the intersection of public and private sectors. With broad capabilities across IT managed services, cybersecurity, cloud migration and application development, DMI provides on-site and remote support to clients within governments, healthcare, financial services,...
-
Cybersecurity Coordinator Manager
2 weeks ago
Crownsville, Maryland, United States DMI Full timeAbout DMIDMI is a leading global provider of digital services, working at the intersection of public and private sectors. With broad capabilities across IT managed services, cybersecurity, cloud migration, and application development, DMI provides on-site and remote support to clients within governments, healthcare, financial services, transportation,...
Digital Forensics SOC Analyst III
4 months ago
Location: 100% Onsite: Crownsville, MD
US Citizens Only
Government Agency client is seeking a Digital Forensics SOC Analyst III. The role will work closely with Government counterparts to provide support in cybersecurity incident response, mitigation, analysis, & information dissemination. Provide analysts Tier 3 support, systems, and network forensic investigation support for the Security Operations Center (SOC) activities. Work as a technical leader within the State of Maryland DoIT SOC & responsible for maintaining the integrity of the cybersecurity related analysis. This role will be responsible for performing the following tasks:
Duties and Responsibilities:
- Report to Director of Security Operations or his/her designee
- Provide SOC Analyst Tier 3 escalation support
- Plan, initiate, and conduct investigations for cybersecurity incidents response efforts
- Perform forensic examinations on compromised systems
- Understand and use forensic tools and techniques for cybersecurity incidents
- Create forensic root cause and scope of impact analysis reports
- Contribute to technical briefings on the details of forensics exams and report
- Provide support in conducting malware analysis of attacker tools
- Stay current on incident response and digital forensics skills, best practices, and tools
- Train SOC analysts on usage of SIEM tools (Splunk), and basic event analysis
- Develop rules and tune SIEM and related tools to streamline the event analysis done by the SOC
- Assist developing new processes and procedures for SOC monitoring
- Monitor networks for threats from external and internal sources
- Analyze network traffic of compromised systems and networks
- Correlate actionable security events from various sources
- Review threat data and develop custom detection signatures
- Gather and analyze threat intelligence data and conduct threat hunting
- Understand cybersecurity attacks and tactics, techniques, and procedures (TTPs) associated with advanced threats
- Communicate clearly with Government counterparts, and SOC customers
- Development and implementation and operational and technical incident response processes, procedure, guidance, and standards
- Ability to work outside of regular business hours, the role may require on-call support after regular business hours or weekends.
- Bachelor’s degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline and 4+ years of experience. Associate degree and/or cyber courses/certifications or 5 years of experience in directly related fields may be substituted in lieu of bachelor’s degree
- Hands-on experience with security monitoring and SIEMs tools - Splunk Enterprise Security is preferred
- Demonstrated working knowledge of cyber forensics and incident handling best practice processes, procedures, standards, and techniques
- Hands-on experience with forensics image capture tools i.e., FTK Imager, MAGNET ACQUIRE
- Hands-on experience with system image/file system/registry forensics tools i.e., Encase, FTK, X-Ways, Magnet AXIOM, Sleuthkit, Access Data Registry Viewer, Registry Recon, or other)
- Hands-on experience with PCAP analysis tools i.e., Wireshark, TCP Dump, Network Miner, Xplico, or other
- Hands-on experience with memory forensics tools i.e., BlackLight, Volatility, SANS SIFT, Magnet RAM Capture, or FireEye Memoryze, CrowdStrike Crowd Response
- Hands-on experience with Endpoint Detection & Response solutions - Tanium Threat Response, McAfee or other
- Practical hands-on experience with static in malware analysis
- Hands-on experience with malware anti-forensics, obfuscation, packing techniques
- Hands-on experience with malware Analysis - Miscellaneous dynamic & static analysis tools (IDA Pro, Ghidra, OllyDBG, WinHex, HexEdit, HexDump, PeSTudio, REMux, OLEDUMP)
- Hands-on experience with Custom Signature Creation - YARA
- Scripting/Programming experience - Python, Perl, C, C++, Go
- Highly desired industry certifications include Certified Forensics Computer Examiner (CFCE), Computer Hacking Forensic Investigator (CHFI), GIAC Certified Forensic Examiner (GCFE), Certified Computer Examiner (CCE)
- Relevant industry certifications such as Certified Ethical Hacker (CEH), GIAC Reverse Engineering Malware (GREM), Certified Reverse Engineering Analyst (CREA) etc.
