Cyber Security Analyst
Dark Wolf Solutions is looking for a Cyber Security Analyst who will analyze, investigate and provide in-depth synopses of the client’s and various external customer projects and technical initiatives from all disciplines, leveraging staff to the fullest extent possible. Additional activities include evaluating technical security and risk assessments, drafting reports and memorandums for senior officers, attending customer meetings, and participating in all client activities related to the assignment. The Cyber Security Analyst will also be responsible for drafting Department-level reports to inform the client’s organization on how Information Technologies actually work and on the intrinsic vulnerabilities in these Information Technologies; these products will be written for a non-technical audience. In addition, the resource will be expected to:
- Support internal client and external customer activities/projects by providing guidance to ensure the projects comply with the parent organization’s policies and regulations while fulfilling the parent organization’s operational needs
- Provide insight into latest threats and countermeasures
- Collaborate with developers of Operational Technologies in acquiring data on systems and importing relevant data into commercial and client proprietary databases, enabling analyses.
- Work with existing IT resources to automate data ingestion to maximum extent possible.
- Draft and formally present analytical products that will inform client decisions on Operational Technologies. (Deliverables shall include written products consisting of tables and graphics as necessary to support the conclusions and/or recommendations to reduce risk, and risk ratings that help readers give appropriate weight to the identified and articulated risks.)
- Review procurement processes of hardware, software and services to comply with operational needs
- Provide recommendations for end-to-end technical analysis
- Data identification, reduction, and analysis to detect suspicious data types, client tools, modified software and/or other malicious content.
- Data extraction from various data sources including files, directories, unallocated space, raw images, and custom databases (including parsing of the data types necessary to extract metadata and content of forensic value).
- Data analysis (e.g. forensic and investigative) of raw and extracted data to include processing and interpretation of volatile memory captures and captured images of various electronic devices.
- System internals level processing to detect and report on significant kernel events such as root kits and kernel level client tools and communications.
- Red teaming (e.g. forensic IV&V to enhance client capabilities through extensive knowledge gained through the detection and analysis of known content).
- Induction, cataloging, and disposition of evidence.
- Maintain current knowledge of relevant technology as assigned
- 5+ years of network/cyber security experience in a secure environment.
- Demonstrated understanding of Operational Technologies.
- Demonstrated experience in Certification and Accreditation (C&A), risk assessment methodologies, information security responsibilities for management, Internet security, portable electronic device vulnerabilities, threat analysis concerns, and other general user information security awareness.
- Demonstrated experience with commercial databases.
- Demonstrated experience conducting research and producing professional writings.
- Demonstrated experience analyzing complex datasets.
- Demonstrated experience drafting analytical products.
- Demonstrated experience providing Executive-level briefings.
- Knowledge of encryption products, methodologies, and configuration.
- Knowledge of Network Packet Capture Appliances/Applications, such as Netwitness, Solera, Probe, Wireshark, Snort.
- Knowledge of Network Vulnerability Scanner, Web Scanner, and Database Scanner, such as Nessus, Webinspect, AppDetective.
- Bachelor’s Degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
- Active TS/SCI with Polygraph Clearance required.
- Demonstrated experience creating and analyzing policy, and analyzing systems and applications for the client or client's partners.
- Demonstrated experience verifying/validating customer requirements, analyzing processes and job tasks, and developing process improvements.
- Demonstrated on-the-job programming experience with scripting languages such as Perl, Python, Bash, etc. is preferred.
- Demonstrated on-the-job experience with databases such as Postgres, MySQL, SQLite is preferred.
- Demonstrated on-the-job experience with malware analysis and reverse engineering is highly desired.
- Graduate Degree in Information Technology, Information Security, Cyber Security, or related field.
- Demonstrated experience communicating technical issues and vulnerabilities in simple terms to Executive Leadership at all levels as a technical writer.
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.