Today
Top Secret/SCI
Unspecified
CI Polygraph
IT - Security
Arlington, VA (On-Site/Office)
STI is seeking a Host Based Systems Analyst to perform investigations to develop a preliminary diagnosis of the severity of breaches. Provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. STI provides front-line response for digital forensics/incident response (DFIR) and proactively hunts for malicious cyber activity.
Responsibilities:
Required Skills:
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain DHS Suitability
- Directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
- Ability to create forensically sound duplicates of evidence (forensic images)
- Able to write cyber investigative reports documenting digital forensics findings
- Experience with the analysis and characterization of cyber attacks
- Experience with proper evidence handling procedures and chain of custody protocols
- Skilled in identifying different classes of attacks and attack stages
- Knowledge of system and application security threats and vulnerabilities
- Knowledgeable in proactive analysis of systems and networks, including creating trust levels of critical resources
- Must be able to work collaboratively across physical locations.
Desired Skills;
- Experience with or knowledge of two or more of the following tools:
- EnCase
- FTK
- SIFT
- X-Ways
- Volatility
- WireShark
- Sleuth Kit/Autopsy
- Splunk
- Snort
- Other EDR Tools (Crowdstrike, Carbon Black, Etc)
- Proficiency with conducting all-source research.
Required Education:
BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and host or digital forensics experience
One of the Desired Certifications:
GCFA, GCFE, EnCE, CCE, CFCE, CISSP
Responsibilities:
- Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
- Providing technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary
- Writing in-depth reports, supporting with peer reviews, and providing quality assurance reviews for junior personnel
- Supporting forensic analysis and mentoring/guiding others on data collection, analysis, and reporting in support of onsite engagements.
- Assisting with leading and coordinating forensic teams in preliminary investigation
- Planning, coordinating, and directing the inventory, examination, and comprehensive technical analysis of computer-related evidence
- Distilling analytic findings into executive summaries and in-depth technical reports
- Serving as technical forensics liaison to stakeholders and explaining investigation details, including forensic methodologies and protocols
- Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement
- Evaluating, extracting, and analyzing suspected malicious code
- Host-Based Systems Analyst 10+ years of network investigations experience.
Required Skills:
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain DHS Suitability
- Directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
- Ability to create forensically sound duplicates of evidence (forensic images)
- Able to write cyber investigative reports documenting digital forensics findings
- Experience with the analysis and characterization of cyber attacks
- Experience with proper evidence handling procedures and chain of custody protocols
- Skilled in identifying different classes of attacks and attack stages
- Knowledge of system and application security threats and vulnerabilities
- Knowledgeable in proactive analysis of systems and networks, including creating trust levels of critical resources
- Must be able to work collaboratively across physical locations.
Desired Skills;
- Experience with or knowledge of two or more of the following tools:
- EnCase
- FTK
- SIFT
- X-Ways
- Volatility
- WireShark
- Sleuth Kit/Autopsy
- Splunk
- Snort
- Other EDR Tools (Crowdstrike, Carbon Black, Etc)
- Proficiency with conducting all-source research.
Required Education:
BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and host or digital forensics experience
One of the Desired Certifications:
GCFA, GCFE, EnCE, CCE, CFCE, CISSP
group id: solmd001
