Platzhalter Bild

Threat Hunt and Forensics Analyst - Senior na ECS Technology Services (ecstech.com)

ECS Technology Services (ecstech.com) · Washington, Estados Unidos Da América · Onsite

US$ 107.000,00  -  US$ 130.000,00

Candidatar-se agora

ECS is seeking a Cyber Defense Threat Hunt and Forensics Analysts Sr. to work in our Washington, DC office.  

  • Identify threat tactics, methodologies, gaps, and shortfalls aligned with the MITRE ATT&CK Framework and the Azure Threat Research Matrix (ATRM).
  • Perform Hypothesis-based or Intelligence-based Cyber Threat Hunts to identify threats and risks within environments.
  • Use cloud-native techniques and methods to identify and create threat detections for automated response activities.
  • Use Agile methodology to organize intelligence, hunts and project status.
  • Be able to independently research intelligence reports to find actionable data for conducting intel or hypothesis-based hunts.
  • Explore and correlate large data sets to uncover novel attack techniques, monitor and catalog changes in activity group tradecraft, and investigate alerts for enterprise customers.
  • Conduct analysis of log files, evidence, and other information to determine the best methods for identifying the perpetrator(s) of a network intrusion.
  • Confirm what is known about an intrusion and discover new information, if possible, after identifying intrusion via dynamic analysis.
  • Create a forensically sound duplicate of the evidence (i.e., forensic image) that ensures the original evidence is not unintentionally modified, to use for data recovery and analysis processes.
  • Provide a technical summary of findings in accordance with established reporting procedures.
  • Ensure that chain of custody is followed for all digital media acquired in accordance with the Federal Rules of Evidence.
  • Recognize and accurately report forensic artifacts indicative of a particular operating system.
  • Extract data using data carving techniques (e.g., Forensic Tool Kit [FTK], Foremost).
  • Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

 

Salary Range: $107,000 - $130,000

General Description of Benefits

Candidatar-se agora

Outros empregos

Firmenlogo

Systems Engineer II (VMware)

ECS Federal · Pocatello, Estados Unidos da América

Firmenlogo

Network Engineer

CVR Energy · Sugar Land, Estados Unidos da América

Firmenlogo

Streets Maintenance Supervisor - Stormwater

Town of Wake Forest, NC · Wake Forest, Estados Unidos da América