Threat Hunt and Forensics Analyst - Senior at ECS Technology Services (ecstech.com)
ECS Technology Services (ecstech.com) · Washington, United States of America · Onsite
- Senior
- Office in Washington
ECS is seeking a Senior Cyber Defense Threat Hunt and Forensics Analyst to work in our Washington, DC office.
- Identify threat tactics, methodologies, gaps, and shortfalls aligned with the MITRE ATT&CK Framework and the Azure Threat Research Matrix (ATRM).
- Perform Hypothesis-based or Intelligence-based Cyber Threat Hunts to identify threats and risks within environments.
- Use cloud-native techniques and methods to identify and create threat detections for automated response activities.
- Use Agile methodology to organize intelligence, hunts and project status.
- Be able to independently research intelligence reports to find actionable data for conducting intel or hypothesis-based hunts.
- Explore and correlate large data sets to uncover novel attack techniques, monitor and catalog changes in activity group tradecraft, and investigate alerts for enterprise customers.
- Conduct analysis of log files, evidence, and other information to determine the best methods for identifying the perpetrator(s) of a network intrusion.
- Confirm what is already known about an intrusion and, where possible, discover new information once the intrusion has been identified through dynamic analysis.
- Create a forensically sound duplicate of the evidence (i.e., forensic image) that ensures the original evidence is not unintentionally modified, to use for data recovery and analysis processes.
- Provide a technical summary of findings in accordance with established reporting procedures.
- Ensure that chain of custody is followed for all digital media acquired in accordance with the Federal Rules of Evidence.
- Recognize and accurately report forensic artifacts indicative of a particular operating system.
- Extract data using data carving techniques (e.g., Forensic Toolkit [FTK], Foremost).
- Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
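The two acquisition-and-analysis duties above (a forensically sound duplicate whose integrity can be shown, and header/footer data carving of the kind Foremost performs) can be illustrated in a few lines. The following is an added example and not ECS's or any vendor's code: it acquires a bit-for-bit copy from a read-only source while hashing it, re-verifies the duplicate against the recorded hash, and carves embedded JPEG and PNG files by their magic header and footer. The "evidence" is a constructed byte string standing in for a raw device; the JPEG/PNG signatures are the real ones, the carving routine is a simplified illustration.

```python
import hashlib
import io

# Real file signatures (header, footer) for header/footer carving.
# The carving logic below is an added illustration, not a Foremost or FTK routine.
SIGNATURES = {
    "jpeg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xae\x42\x60\x82"),
}


def build_sample_evidence() -> bytes:
    """Constructed stand-in for a raw device: filler with a fake JPEG and PNG embedded."""
    jpeg = b"\xff\xd8\xff\xe0" + b"JFIF-payload" * 3 + b"\xff\xd9"            # 42 bytes
    png = (b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\x0dIHDR" + b"\x00" * 17
           + b"IEND\xae\x42\x60\x82")                                      # 41 bytes
    return b"\x00" * 64 + jpeg + b"\xab" * 32 + png + b"\xff" * 16


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def acquire_image(source, chunk_size: int = 4096):
    """Bit-for-bit copy of the source, hashing as we read.

    `source` may be a bytes object or a readable binary stream; it is only ever
    read (in real acquisitions a hardware write blocker enforces this).
    Returns (image_bytes, acquisition_sha256).
    """
    stream = source if hasattr(source, "read") else io.BytesIO(source)
    digest = hashlib.sha256()
    out = io.BytesIO()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
        out.write(chunk)
    return out.getvalue(), digest.hexdigest()


def verify_image(image: bytes, acquisition_hash: str) -> bool:
    """Re-hash the duplicate and compare with the hash recorded at acquisition."""
    return sha256_hex(image) == acquisition_hash


def carve(image: bytes, signatures=SIGNATURES, max_len: int = 1 << 20):
    """Header/footer carving: for each known header, take bytes through the next footer.

    Returns a list of (type, offset, data) sorted by offset. A header with no
    following footer (a truncated file) is skipped rather than guessed at.
    """
    found = []
    for name, (header, footer) in signatures.items():
        pos = 0
        while (start := image.find(header, pos)) != -1:
            end = image.find(footer, start + len(header))
            if end == -1:              # truncated: no footer after this header
                pos = start + 1
                continue
            end += len(footer)
            if end - start <= max_len:  # guard against runaway matches
                found.append((name, start, image[start:end]))
            pos = end
    found.sort(key=lambda item: item[1])
    return found


if __name__ == "__main__":
    evidence = build_sample_evidence()
    image, acq_hash = acquire_image(evidence)
    print("acquisition sha256:", acq_hash)
    print("duplicate verifies:", verify_image(image, acq_hash))
    for kind, offset, data in carve(image):
        print(f"{kind} at offset {offset}, {len(data)} bytes")
```

The acquisition hash is the value that goes into the chain-of-custody record; anyone later working from the duplicate re-runs `verify_image` before analysis and again after, so that any change to the copy is detectable. Real carvers also handle formats without a fixed footer (by size field or maximum length), which this header/footer version deliberately does not attempt.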
Salary Range: $107,000 - $130,000
General Description of Benefits