CDG seeks a highly skilled Tier 3 Cyber Incident Analyst to execute, support, and provide expertise for the implementation of a successful Cybersecurity program.
- Provide analysis support for Tier 1 personnel.
- Support host and network analysis to determine the extent of compromise and provide mitigation support on compromised systems.
- Validate and confirm critical security events and assess the impact of each event.
- Research and maintain information on current security threats and apply that knowledge to the security capability.
- Author intrusion detection signatures as well as other detection mechanisms and coordinate with Security Engineering to implement.
- Collect information from digital devices as part of legal investigations. Create and report on program tasks.
- Interface with the intelligence community in order to better develop and identify malicious activities and events that connect over time to form a pattern of attack.
- Recover data such as documents, photos and e-mails that have been deleted, damaged or otherwise manipulated from computer hard drives and other data storage devices.
- Find evidence of illegal activity involving cybercrime offenses and examine computers that may have been involved in other types of crime.
- Use expertise to protect computers from infiltration, determine how a computer was broken into, or recover lost files.
- Use forensic tools and investigative methods to find specific electronic data, including Internet use history, word processing documents, images and other files.
- Automate workflow processes via scripting with Python or similar.
- Work with the Cyber Threat Intel Team and maintain threat indicator feeds.
- Build and maintain client and stakeholder relationships.
- Formulate and enforce work standards.
- Complete projects/deliverables on time and with quality.
- Active Top Secret government security clearance.
- Bachelor's Degree in Cybersecurity, Information, or Computer related field.
- A minimum of five years’ experience in Cyber Incident Response is accepted in lieu of education.
- Experience demonstrating strong analytical, troubleshooting and problem-solving skills for security information and event management.
- At least 3 years of cybersecurity incident response field experience, including at least 2 years directly engaged with technical activities.
- Excellent communication skills, both written and oral.
- Operational knowledge of types of vulnerability assessors, including vulnerability assessment tools, wireless network detection, and non-signature-based discovery and case handling tools.
- Experience with:
  - Intrusion Detection and Prevention Systems (IDS/IPS).
  - Monitoring network security events in an Enterprise Environment.
  - Producing security event reports for management.
  - Producing security metric reports for management.
  - Security Information and Event Management (SIEM) systems.
Job Types: Full-time, Contract
Pay: $40.00 - $45.00 per hour
- cyber incident response: 3 years (Required)
- IDS / IPS: 1 year (Preferred)
- Remote interview process
- Social distancing guidelines in place
- Virtual meetings
- Sanitizing, disinfecting, or cleaning procedures in place