
Host Based Systems Analyst III at Solutions³ LLC

Solutions³ LLC · Arlington, United States of America · Hybrid

Title: Host Based Systems Analyst III

Description: 
Solutions³ LLC is supporting our prime contractor and their U.S. Government customer on a large mission-critical effort that provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based, and cloud-based cybersecurity analysis capabilities. Personnel provide front-line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity. Solutions³ LLC is seeking Host Forensics Analysts to support this critical customer mission.

Eligibility: 
  • Must be a US Citizen 
  • Must have an active TS/SCI clearance
  • Must be able to obtain DHS Suitability prior to starting employment  
  • 5+ years of direct relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools
Responsibilities Include: 
  • Assists with leading and coordinating forensic teams in preliminary investigations
  • Plans, coordinates and directs the inventory, examination and comprehensive technical analysis of computer related evidence
  • Distills analytic findings into executive summaries and in-depth technical reports
  • Serves as technical forensics liaison to stakeholders and explains investigation details to include forensic methodologies and protocols
  • Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement
  • Evaluates, extracts and analyzes suspected malicious code
  • Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements
  • Triage electronic devices and assess evidentiary value
  • Correlate forensic findings to network events in support of developing an intrusion narrative
  • Collect and document system state information (e.g. running processes, network connections) prior to imaging, as required
  • Perform forensic triage of an incident to include determining scope, urgency and potential impact
  • Track and document forensic analysis from initial participation through resolution
  • Collect, process, preserve, analyze and present computer related evidence
  • Conduct analysis of forensic images, and available evidence in support of forensic write-ups for inclusion in reports and written products
  • Assist in documenting and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings
Required Skills: 
  • Proficiency with two or more of the following tools:
    • EnCase
    • FTK
    • SIFT
    • X-Ways
    • Volatility
    • Wireshark
    • Sleuth Kit/Autopsy
    • Splunk
    • Snort
    • Other EDR tools (CrowdStrike, Carbon Black, etc.)
  • Proficiency conducting all-source research.
Desired Skills:  
  • Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection.
  • Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.
  • Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker).
Desired Certifications: One or more of the following certifications: GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP
Required Education: BS in Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 7+ years of host or digital forensics experience