Cyber Incident Response Analyst (Mid-Level) - Public Trust
Washington, DC
Full Time Mid-level / Intermediate Clearance required USD 52K - 123K *
cFocus Software Incorporated
Our exclusive ATO as a Service™ software & expert services automate FISMA RMF & FedRAMP compliance.
cFocus Software seeks a Cyber Incident Response Analyst (Mid-Level) to join our program supporting to join our program supporting United States Courts, Information Technology Security Office in Washington, DC. This position requires US Citizenship and the ability to obtain a Public Trust clearance.
Qualifications:
Qualifications:
- Bachelor’s Degree or equivalent experience in a computer, engineering, or science field.
- Ability to obtain a Public Trust clearance
- US Citizenship
- Certifications required: GCIA or GCIH or GSEC and Splunk Core Power User.
- 5+ years of relevant experience.
- Performs forensic analysis on hosts supporting investigations.
- Conducts malware analysis in out-of-band environment (static and dynamic), including complex malware.
- Assist with knowledge management – Standard Operating Procedures and procedural support data.
- Accept and respond to government technical requests through the AOUSC ITSM ticket (e.g., HEAT or ServiceNow) for advanced subject matter expert (SME) technical investigative support for real-time incident response (IR).
- IR includes cloud-based and non-cloud-based applications such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (e.g., Zscaler).
- Create duplicates of evidence that ensure the original evidence is not unintentionally modified. AOUSC supplied procedures and tools shall be used to acquire the evidence.
- Analyze forensic artifacts of operating systems (e.g., Windows, Linux, and macOS) to discover elements of an intrusion and identify root cause.
- Perform live forensic analysis based on SIEM data (e.g., Splunk).
- Perform filesystem timeline analysis for inclusion in forensic report.
- Extract deleted data using data carving techniques.
- Collect and analyze data from compromised systems using EDR agents and custom scripts provided by the AOUSC.
- Perform static and dynamic malware analysis to discover indicators of compromise (IOC).
- Analyze memory images to identify malicious patterns using Judiciary tools (e.g. Volatility). Analysis results documented in forensics report.
- Write forensic and malware analysis reports.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Analyst Jobs
Incident Response Jobs
Tags: Active Directory Azure Clearance Cloud EDR Forensics GCIA GCIH GSEC Incident response Linux MacOS Malware SIEM Splunk Windows
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsPenetration Tester jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsChief Information Security Officer jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsCybersecurity Consultant jobsInformation System Security Officer (ISSO) jobsThreat Intelligence Analyst jobsSenior Information Security Engineer jobs
SaaS jobsSDLC jobsMalware jobsEncryption jobsRMF jobsForensics jobsSQL jobsGDPR jobsIPS jobsSplunk jobsIDS jobsTop Secret jobsEDR jobsTerraform jobsDoDD 8570 jobsFinance jobsBash jobsITIL jobsOWASP jobsCRISC jobsUNIX jobsGIAC jobsIntrusion detection jobsCompTIA jobsDocker jobs
TCP/IP jobsBanking jobsThreat detection jobsActive Directory jobsSANS jobsData Analytics jobsPolygraph jobsCCSP jobsOSCP jobsClearance Required jobsVPN jobsCyber defense jobsAnsible jobsSOC 2 jobsIT infrastructure jobsJavaScript jobsSOX jobsDNS jobsSOAR jobsJira jobsGCIH jobsSecurity strategy jobsNIST 800-53 jobsOracle jobsCryptography jobs