Cyber Investigations Analyst - OTA / Active Top Secret
Tasks
- Collaborate with legal, HR, and security teams
- Collect, analyze, and interpret log data
- Communicate findings to technical and non-technical stakeholders
- Conduct insider threat investigations
- Detect anomalous user behavior
- Develop and refine detection rules and alerts
- Establish behavioral baselines
- Incorporate emerging insider threat tactics, techniques, and procedures into detection strategies
- Manage case documentation, investigative records, digital artifacts, and data storage
- Perform forensic analysis of user activity logs, endpoint telemetry, and network data
- Produce investigative reports, advisories, and bulletins
- Provide guidance and mentorship
- Respond to escalated security incidents
Perks/Benefits
- N/A
Skills/Tech-stack
Active Directory | Activity monitoring | Azure Active Directory | Behavior analytics | Behavioral analytics | Chain of Custody | Dataset analysis | Detection engineering | Digital forensics | EDiscovery | Endpoint telemetry | Forensic analysis | Incident Response | Large dataset | Large dataset analysis | Log Analysis | Microsoft Sentinel | Network Analysis | SIEM | Splunk | Technical writing | UAM | UEBA | User Activity Monitoring | User and entity behavior analytics
Education