Cloud Forensics Analysts (CFA)
Arlington, Virginia, United States
Node.Digital
Market leader in Digital Transformation & Automation using Artificial Intelligence and Machine LearningCloud Forensics Analysts (CFA)
Location: Arlington, VA
The DHS’s Hunt and Incident Response Team (HIRT) secures the Nation’s cyber and communications infrastructure. HIRT provides DHS’s front-line response for cyber incidents and proactively hunts for malicious cyber activity.
Node, as a prime contractor to DHS, performs HIRT investigations to develop a preliminary diagnosis of the severity of breaches.
Node provides HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities.
Contract personnel provide a front-line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity.
Node is seeking Cloud Forensics Analysts (CFA) to support this critical customer mission.
The CFA is a recently identified position for the HIRT and affords ample opportunities for training and career growth within the Cloud Forensics field.
Responsibilities:
- Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements
- Triage electronic devices and assess evidentiary value
- Correlate forensic findings to network events in support of developing an intrusion narrative
- Document system state information (e.g. running processes, network connections) prior to imaging, as required
- Perform forensic triage of an incident to include determining scope, urgency and potential impact
- Document forensic analysis from initial participation through resolution
- Collect, process, preserve, analyze and present computer-related evidence
- Coordinate with Government customers to validate/investigate alerts or additional preliminary findings
- Conduct analysis of forensic images, and available evidence in support of forensic write-ups for inclusion in reports and written products
- Assist to document and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings
Requirements
Required Skills/Clearances:
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
- 5+ years of direct relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
- Understanding of SaaS, PaaS and IaaS in the Cloud Environment
- Authoring cyber investigative reports documenting digital forensics findings
- Analyze and characterize cyber-attacks unique to the cloud
- Skilled in identifying different classes of attacks and attack stages
- Understanding of system and application security threats and vulnerabilities
- Understanding of proactive analysis of systems and networks, including creating trust levels, and understanding cloud authentication methods
- Able to work collaboratively across physical locations
- Action-oriented and have a proactive approach to problem-solving
- Proficiency with common operating systems (e,g, Linux/Unix, Windows)
Desired Skills:
- Awareness of strategies/architectures involved in implementing M365/Azure authentication
- Experience in acquisition, processing and analysis of digital evidence from onsite enterprises and cloud native platforms
- Understanding of APIs and proficiency with PowerShell/PowerShell modules leveraged to conduct API queries as they relate to Azure/M365
- Proficiency with scripting languages (e.g. Bash, Python, Powershell, JS)
- Understanding of Azure administration, M365 administration and/or development/DevOps
Required Education:
BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma & 7-9 years of host or digital forensics experience.
Desired Certifications/Education:
GCLD, GCPS, GCPN, GWEB, CCSP, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, Kubernetes Security Specialist, Microsoft 365 Certifications, Microsoft Azure Certifications AWS Certifications, SANS Cloud Courses (SEC541, SEC584, SEC588) and Certifications
Company Overview:
Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
Our Core Values help us in our mission. They include:
OUR CORE VALUES
**Identifying the~RIGHT PEOPLE~and developing them to their full capabilities**
**Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner**
**We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence**
**Our mantra is “~Simple*Secure*Speed~” in the delivery of innovative services and solutions**
Benefits
- Medical (90% Coverage for Employee)
- Dental
- Vision
- Basic Life (100% Coverage for Employee)
- Long Term Disability (100% Coverage for Employee)
- Health Saving Account
- 401K
- Three weeks of PTO
- 10 Paid Holidays
- Pre-Approved Online Training
Tags: Agile APIs Application security Automation AWS Azure Bash CCSP CISSP Clearance Cloud Computer Science DevOps DFIR EnCE Forensics GCFA GCIH IaaS Incident response Kubernetes Linux Malware PaaS PowerShell Python SaaS SANS Scripting TS/SCI UNIX Vulnerabilities Windows
Perks/benefits: Career development Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs