Host Based Forensics Cybersecurity Analyst 3 (2022)

| Washington DC
Sorry, this job was removed at 9:51 p.m. (CST) on Friday, May 13, 2022
Find out who's hiring in Washington DC.
See all Cybersecurity + IT jobs in Washington DC
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Host Based Forensics Cybersecurity Analyst 3

RE2548

Location: Arlington, VA

Schedule: Full Time

Shift: 1st


 

OVERVIEW

Caribou Thunder, LLC is a Woman Owned, HUBZone Certified, Native American Owned, SBA and SDB Certified global engineering services company, incorporated in 2006. Caribou Thunder is a Global Service Provider supporting a wide variety of DoD, Space and Intelligence programs with consistent growth since inception to over 100 associates and $10M in annual sales with solid performance in 35 states across the U.S. and 22 countries around the world. 

This is an opportunity to join a fast-paced program supporting the Department of Homeland Security cybersecurity hunt and incident response efforts. As a Host Based Forensics Cybersecurity Analyst you will use leading edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions performing investigations to characterize of the severity of breaches, develop mitigation plans, and assist with the restoration of services.

 

RESPONSIBILITIES

  • Assists with leading and coordinating forensic teams in preliminary investigations.
  • Plans, coordinates, and directs the inventory, examination, and comprehensive technical analysis of computer related evidence.
  • Distills analytic findings into executive summaries and in-depth technical reports.
  • Serves as technical forensics liaison to stakeholders and explains investigation details to include forensic methodologies and protocols Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement.
  • Evaluates, extracts, and analyzes suspected malicious code.
  • Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements.
  • Triage electronic devices and assess evidentiary value.
  • Correlate forensic findings to network events in support of developing an intrusion narrative - Collect and document system state information (e.g. running processes, network connections) prior to imaging, as required.
  • Perform forensic triage of an incident to include determining scope, urgency, and potential impact.
  • Track and document forensic analysis from initial participation through resolution.
  • Collect, process, preserve, analyze and present computer related evidence’
  • Conduct analysis of forensic images, and available evidence in support of forensic write-ups for inclusion in reports and written products.
  • Assist to document and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings.

 

BASIC QUALIFICATIONS

  • Experience with Splunk REQUIRED
  • Experience with the following:
      • MITRE ATT&CK
      • Windows Event IDs
      • Familiar with Linux & Windows artifacts & interpretation
      • Network topologies/architecture
      • Basic malware analysis
      • Incident response & threat hunting (at scale
      • Advanced Persistent Threats (APTs) tactics, techniques, and protocols (TTPs)
      • Computer forensics
      • Digital forensics
      • Memory forensics
      • Red/Blue/Purple Teams

 

  • Demonstrated use with the following:
      • FTK
      • Encase
      • Axiom
      • Xways
      • Autopsy
      • SIFT
      • Mandiant HX
      • FireEye
      • SOFL-ELK
      • Moloch
      • Wireshark
      • Network Miner
      • NetWitness
      • CyberChef
      • Corelightm
      • Zeek, Bro IDS
      • Security Onion
      • ArcSight
      • Bonus: PowerShell, Python, etc.

 

 

DESIRED CERTIFICATIONS

  • CEH
  • Security+
  • CHFI
  • GCIH
  • GCFE

 

CLEARANCE

Active TS/SCI Clearance

Must be able to obtain DHS Suitability

 

EDUCATION and EXPERIENCE REQUIREMENTS

BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering plus 5-7 years of relevant experience

OR High School Diploma plus 7-9 years of relevant experience

 

ABOUT CARIBOU THUNDER

Caribou Thunder, LLC is an established Defense contractor with nearly 20 years of experience delivering engineering services worldwide. We offer industry leading salaries, flexible work life balance, full range of benefits (career development and mentoring, PTO, medical, dental, vision, life insurance, disability insurance, and 401k match). Caribou Thunder, LLC offers meaningful career opportunities within a true team-based environment, where each and every employee matters, contributing to a higher goal supporting National Security programs. Caribou Thunder, LLC is committed to hiring and maintaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, marital status, national origin, age, veteran status, disability, or any other protected class. United States citizenship is a requirement for all positions.

 

 

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about Caribou Thunder LLCFind similar jobs