ICS Incident Response Analyst at GRAMMATECH

GrammaTech is a provider of software solutions and software research, development, and engineering services solving some of the world’s most complex security problems.

GrammaTech is looking for an Incident Response Analyst to work onsite at customer locations.

Location: Arlington, VA. Hybrid Role, available to be on-site as needed.

Important:  Candidates must be a US citizen with ability to obtain a TS SCI and must be willing to work onsite as required.

• Respond to cybersecurity incidents for ICS/OT/IT environments and provide recommendations to affected entities to prevent the reoccurrence of these incidents within a variety of critical infrastructure sectors.
• Apply traditional incident response and threat hunting tradecraft to industrial control system/critical infrastructure environments.
• Participate in highly technical operations and forensic analysis.
• Provide industry experience and expertise in sectors such as:  Water, Power and Transportation.
• Work in a team environment to meet the mission requirements for both incident response and threat hunting engagements.
• Maintain accurate records of incident response activities and findings.
• Prepare and deliver incident reports to management and stakeholders.
• Keep current with latest security trends and news to continually improve hunt and incident response operations.

Required

• Bachelor’s degree and 8+ years related technical experience, or Master’s degree and minimum of 6 years’ experience or PhD and 3 years’ experience. 12 years of experience may be substituted in lieu of degree.
• 1-2 years of Threat Hunting or DFIR experience directly supporting Critical Infrastructure (CI) / Industrial Control System (ICS) environments.
• Python, Bash, PowerShell, and/or JavaScript scripting experience.
• Experience examining malicious applications on operating systems such as Linux, Mac, Windows, IOS, Android and IOT network devices.
• Experience conducting security site assessments and scoping.
• Experience with a variety of the following tools: Ida-Pro, Ollydbg, X64dbg, Scyllax64, Objdump, Readelf, Ghidra, Process Explorer, CFF Explorer, Wireshark, Fiddler, Regshot, Process Monitor, and Process Hacker.
• Experience with the common open source and commercial tools used in security event analysis and other areas of security operations.
• Prior experience using a SIEM tool for pattern identification, anomaly detection, and trend analysis.
• Prior experience analyzing a variety of industrial control systems network protocols, including but not limited to: ModBus, ENIP/CIP, BACnet, DNP3.
• US citizenship with ability to obtain TS SCI.
• Able to obtain and maintain a favorably adjudicated DHS background investigation (EOD).

Preferred:

• Active Top Secret Security Clearance

The base salary range for this position is $161,000 to $200,000 per year. This range is based on the Company's good faith estimate at the time of posting. Actual salary will take into consideration various factors such as role level, experience, expertise, and education.

We offer a generous benefits package that include medical, dental, vision, short- and long term disability benefits, life insurance and a 401(k) plan with company contribution. The total rewards package includes paid holiday and PTO and may include merit increases and incentive compensation plans.

About the Company

Innovation is at the heart of GrammaTech, and we are constantly pushing the boundaries of software research and development - from software assurance and cybersecurity to software synthesis and maintenance. We develop new technologies and see the results of our research incorporated into tools used by engineers and security professionals worldwide.

GrammaTech was founded in 1988, with the firmly grounded purpose of helping today's organizations develop tomorrow’s software. With a focus on the evolving cybersecurity landscape, software hardening and intelligent systems, we tackle the most challenging software issues through a constant stream of highly innovative research and commercial development.

GrammaTech, Inc. is an Equal Opportunity/Disability/Veterans employer