Remote: N
Salary: $65-75/hr
Location: Remote
Clearance: Top Secret/SCI
We are seeking a Senior Cybersecurity Host-Based Systems Analyst to perform investigations to develop a preliminary diagnosis of the severity of breaches. The HIRT provides remote and onsite advanced technical assistance, proactive threat hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities.
Qualifications:
- Must have 8+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
- Ability to create forensically sound duplicates of evidence (forensic images)
- Ability to write cyber investigative reports documenting digital forensics findings
- Experience with analysis and characterization of cyber attacks
- Skilled in identifying different classes of attacks and attack stages
- Knowledge of system and application security threats and vulnerabilities
- Knowledge of proactive analysis of systems and networks, to include creating trust levels of critical resources
- Able to work collaboratively across physical locations
Responsibilities:
- Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating artifact collection operations
- Providing technical assistance on digital artifacts collection/triage matters and forensic investigative techniques to appropriate personnel when necessary
- Writing in-depth reports, supporting peer reviews, and providing quality assurance reviews for junior personnel
- Supporting forensic analysis and mentoring/providing guidance to others on data collection, analysis, and reporting in support of onsite engagements
- Assisting with leading and coordinating forensic teams in the preliminary investigation
- Planning, coordinating, and directing the inventory, examination, and comprehensive technical analysis of computer-related evidence
- Distilling analytic findings into executive summaries and in-depth technical reports
- Serving as technical forensics liaison to stakeholders and explaining investigation details to include forensic methodologies and protocols
- Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement
- Evaluating, extracting, and analyzing suspected malicious code
- Characterizing and analyzing artifacts to identify anomalous activity and potential threats to resources
- Performing event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Analyzing identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and information