Cyber Incident Analyst

Gridiron IT

Jan 17

CDG seeks a highly skilled Tier 3 Cyber Incident Analyst to execute, support, and provide expertise for the implementation of a successful Cybersecurity program.

Responsibilities:

  • Provide analysis support for Tier 1 personnel.
  • Support host and network analysis to determine the extent of compromise and provide mitigation support on compromised systems.
  • Validate and confirm critical security events and assess impact of the event.
  • Research and maintain information on current security threats and apply that knowledge to the security capability.
  • Author intrusion detection signatures as well as other detection mechanisms and coordinate with Security Engineering to implement.
  • Collect information from digital devices as part of legal investigations. Create and report on program tasks.
  • Interface with the intelligence community in order to better develop and identify malicious activities and events that connect over time to form a pattern of attack.
  • Recover data like documents, photos and e-mails from computer hard drives and other data storage devices that have been deleted, damaged or otherwise manipulated.
  • Find evidence of illegal activity involving cybercrime offenses and examine computers that may have been involved in other types of crime.
  • Use expertise to protect computers from infiltration, determine how a computer was broken into, or recover lost files.
  • Use forensic tools and investigative methods to find specific electronic data, including Internet use history, word processing documents, images and other files.
  • Automate workflow processes via scripting with Python or similar.
  • Work with the Cyber Threat Intel Team and maintain threat indicator feeds.
  • Build and maintain client and stakeholder relationships.
  • Formulate and enforce work standards.
  • Complete projects/deliverables on time and with quality.
Qualifications:

  • Active Top Secret government security clearance.
  • Bachelor's Degree in Cybersecurity, Information, or Computer related field.
  • A minimum of five years’ experience in Cyber Incident Response is accepted in lieu of education.
  • Experience demonstrating strong analytical, troubleshooting and problem-solving skills for security information and event management.
  • At least 3 years of cybersecurity incident response field experience, including at least 2 years directly engaged with technical activities.
  • Excellent communication skills, both written and oral.
  • Operational knowledge with types of vulnerability assessors that shall include vulnerability assessment tools, wireless network detection, and non-signature based discovery and case handling tools.
  • Experience with:
      • Intrusion Detection and Prevention Systems (IDS/IPS).
      • Monitoring network security events in an Enterprise Environment.
      • Producing security event reports for management.
      • Producing security metric reports for management.
      • Security Information and Event Management (SIEM) systems.
Job Types: Full-time, Contract

Pay: $40.00 - $45.00 per hour

Schedule:

  • Monday to Friday
Education:

  • Bachelor's (Preferred)
Experience:

  • cyber incident response: 3 years (Required)
  • IDS / IPS: 1 year (Preferred)
License/Certification:

  • CEH (Preferred)
Security Clearance:

  • Top Secret (Required)
Contract Length:

  • 1 year
Work Location:

  • Fully Remote
Company's website:

  • https://www.gridironit.com/
Work Remotely:

  • Yes
COVID-19 Precaution(s):

  • Remote interview process
  • Social distancing guidelines in place
  • Virtual meetings
  • Sanitizing, disinfecting, or cleaning procedures in place