Cybersecurity Host Based Forensics Analyst (L4)


Description:

Solutions LLC is supporting our prime contractor and their U.S. Government customer's Hunt and Incident Response Team (HIRT) to assist in securing the Nation's cyber and communications infrastructure. The HIRT provides front-line response for cyber incidents and proactively hunts for malicious cyber activity. Solutions LLC is seeking Cybersecurity Forensics Analysts to support this critical customer mission.

- Must be a US Citizen
- Must have an active TS/SCI clearance
- Must be able to obtain DHS Entry on Duty (EOD) Suitability prior to starting
- Must have 8+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools

Responsibilities:

- Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
- Providing technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary
- Writing in-depth reports, supporting peer reviews and providing quality assurance reviews for junior personnel
- Supporting forensic analysis and mentoring/providing guidance to others on data collection, analysis and reporting in support of onsite engagements
- Assisting with leading and coordinating forensic teams in preliminary investigation
- Planning, coordinating and directing the inventory, examination and comprehensive technical analysis of computer-related evidence
- Distilling analytic findings into executive summaries and in-depth technical reports
- Serving as technical forensics liaison to stakeholders and explaining investigation details to include forensic methodologies and protocols
- Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement
- Evaluating, extracting and analyzing suspected malicious code

Required Skills:

- Ability to create forensically sound duplicates of evidence (forensic images)
- Able to write cyber investigative reports documenting forensics findings
- Experience with the analysis and characterization of cyber attacks
- Experience with proper evidence handling procedures and chain of custody protocols
- Skilled in identifying different classes of attacks and attack stages
- Knowledge of system and application security threats and vulnerabilities
- Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources
- Must be able to work collaboratively across physical locations

Desired Skills:

- Experience and proficiency with the following tools and techniques: EnCase, FTK, SIFT, X-Ways, Volatility, Wireshark, Sleuth Kit/Autopsy, and Snort
- Experience with other EDR tools: CrowdStrike, Carbon Black, etc.
- Proficiency with conducting all-source research

Required Education:

Bachelor's in Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma & 10+ years of host or digital forensics experience.

Desired Certifications:

GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNFA

- What's your citizenship / employment eligibility?
- College or University
- LinkedIn Profile URL:
- Provide the level of Security Clearance you currently hold. "None" is a show-stopper for this position.
- Do you understand the job responsibilities and feel you would be successful in executing these tasks? If yes, please be prepared to provide examples during an interview or email them in advance of an interview. "No" would be a show-stopper for this position.
- How many years of directly relevant experience in the area of expertise do you currently have? Less than the required number of years will be difficult to move forward.
- Do you understand the required job skills and feel you have those skills? If yes, please be prepared to provide examples during an interview and/or email them in advance of an interview. "No" would be a show-stopper for this position.
- Is the location shown in the Job Description within commuting distance for you? Assuming typical traffic patterns, the prime will not accept anyone more than 2-hrs from the site location.
- The client will require their own suitability process. This will need to be completed BEFORE an official start date can be determined. This process could take anywhere between 4-6 weeks. Would this inhibit you from moving forward?
- Please provide your middle name. If you don't have a middle name, please respond: NMN
- If you have earned a Bachelor of Science/Masters/Doctorate degree, please enter the degree type, school name and completion date for each in the format MM/YYYY (e.g. 12/2001). Separate each with a comma (,) if applicable. If you never obtained a degree or this does not apply to you, please respond: N/A
- If you have earned any type of formal certification (e.g. ITIL Foundations, Cisco, etc.) please enter the certification type, and the completion date for each in the format MM/YYYY (e.g. 12/2001). Separate each with a comma (,) if applicable. If you never obtained a certification or this does not apply to you, please respond: N/A. NOTE: If you do not wish to provide this at this time, be prepared to provide this information during an interview.
- If you were referred to us by a Solutions team member or partner, please indicate here:






 Solutions3

 05/03/2024

 Arlington, VA