Cyber Forensics Analyst
Arlington, Virginia, United States
Node.Digital
Market leader in Digital Transformation & Automation using Artificial Intelligence and Machine LearningCyber Forensics Analyst
Location: Arlington, VA
Must have active Secret Clearance
Node is seeking Cyber Forensics Analysts to support the DHS Hunt and Incident Response Team (HIRT). This team secures the Nation’s cyber and communications infrastructure while providing front line response for cyber incidents and hunting for malicious cyber activity. Raytheon Technologies (RTX), as a prime contractor to DHS, performs HIRT investigations to develop a diagnosis of the severity of breaches. Contract personnel provides front line response for digital forensics/incident response and proactively hunting for malicious cyber activity for this critical customer mission.
Responsibilities:
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
- Assesses network topology and device configurations identifying critical security concerns and providing security best practice recommendations
- Collects network intrusion artifacts (e.g., PCAP, domains, URI’s, certificates, etc.) and uses discovered data to enable mitigation of potential incidents
- Collects network device integrity data and analyze for signs of tampering or compromise
- Analyzes identified malicious network and system log activity to determine weaknesses exploited, exploitation methods, effects on system and information
- Tracking and documenting on-site incident response activities and providing updates to leadership through executive summaries and in-depth technical reports
- Planning, coordinating and directing the inventory, examination and comprehensive technical analysis of computer-related evidence
- Serving as technical forensics liaison to stakeholders and explaining investigation details
Requirements
Required Skills:
- U.S. Citizenship
- Must have an active Secret clearance (TS/SCI eligible) and be able to obtain DHS Suitability
- 8+ years of directly relevant experience in cyber forensic and network investigations using leading-edge technologies and industry-standard forensic tools
- Experience with reconstructing a malicious attack or activity
- Ability to characterize and analyze network traffic, identify anomalous activity / potential threats, analyze anomalies in network traffic using metadata
- Ability to create forensically sound duplicates of evidence (forensic images)
- Able to write cyber investigative reports documenting forensics findings
- In-depth knowledge and experience of:
• identifying different classes and characterization of attacks and attack stages
• CND policies, procedures and regulations
• proactive analysis of systems and networks, including creating trust levels of critical resources
• system and application security threats and vulnerabilities
• of network topologies, Wi-Fi Networking, and TCP/IP protocols
• Splunk (or other SIEMs)
• Vulnerability scanning, assessment and monitoring tools such as Security Center, Nessus, and Endgame
• MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
- Must be able to work collaboratively across physical locations.
Desired Skills:
- Experience and proficiency with the following tools and techniques:
• EnCase, FTK, SIFT, X-Ways, Volatility, WireShark, Sleuth Kit/Autopsy, and Snort
• EDR Tools: Crowdstrike, Carbon Black, Etc
• Carving and extracting information from PCAP data
• Non-traditional network traffic: Command and Control
• Preserving evidence integrity according to national standards
• Designing cyber security systems and environments in a Linux environment
• Virtualized environments
• Conducting all-source research
Required Education:
8+ years of experience and BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics or network forensic experience
Desired Certifications:
- GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNFA
Company Overview:
Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
Our Core Values help us in our mission. They include:
OUR CORE VALUES
**Identifying the~RIGHT PEOPLE~and developing them to their full capabilities**
**Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner**
**We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence**
**Our mantra is “~Simple*Secure*Speed~” in delivery of innovative services and solutions**
Benefits
- Medical (100% Coverage for Employee)
- Dental
- Vision
- Basic Life (100% Coverage for Employee)
- Health Saving Account
- 401K
- Three weeks of PTO
- 10 Paid Holidays
- Pre-Approved Online Training
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Automation Autopsy Carbon Black CCSP CEH CFCE Clearance CND Computer Science CrowdStrike EDR EnCase EnCE Forensics GCFA GCFE GNFA Incident response Linux Monitoring Nessus OSCP PCAP Sleuth Kit Snort Splunk TCP/IP TS/SCI Vulnerabilities
Perks/benefits: Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs