Our Arlington, VA based client is looking for a Host Based Systems Analyst. If you are qualified for this position, please email your updated resume in Word format to
Responsibilities:
• Assists with leading and coordinating forensic teams in preliminary investigations
• Plans, coordinates and directs the inventory, examination and comprehensive technical analysis of computer related evidence
• Distills analytic findings into executive summaries and in-depth technical reports
• Serves as technical forensics liaison to stakeholders and explains investigation details, to include forensic methodologies and protocols
• Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement
• Evaluates, extracts and analyzes suspected malicious code
• Acquires/collects computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements
• Triages electronic devices and assesses evidentiary value
• Correlates forensic findings to network events in support of developing an intrusion narrative
• Collects and documents system state information (e.g., running processes, network connections) prior to imaging, as required
• Performs forensic triage of an incident, to include determining scope, urgency and potential impact
• Tracks and documents forensic analysis from initial participation through resolution
• Collects, processes, preserves, analyzes and presents computer related evidence
• Coordinates with Government staff and customer personnel to validate/investigate alerts or additional preliminary findings
• Conducts analysis of forensic images and available evidence in support of forensic write-ups for inclusion in reports and written products
• Assists with documenting and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings

Required Skills/Clearances:
• U.S. Citizenship
• Active TS/SCI clearance
• Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
• 5+ years of direct relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools
• Ability to create forensically sound duplicates of evidence (forensic images)
• Ability to author cyber investigative reports documenting digital forensics findings
• Proficiency with analysis and characterization of cyber attacks
• Skilled in identifying different classes of attacks and attack stages
• Understanding of system and application security threats and vulnerabilities
• Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources
• Able to work collaboratively across physical locations
• Action-oriented, with a proactive approach to problem solving
• Proficiency with common operating systems (e.g., Linux/Unix, Windows)

Desired Skills:
• Proficiency with two or more of the following tools: EnCase, FTK, SIFT, X-Ways, Volatility, Wireshark, Sleuth Kit/Autopsy, Splunk, Snort, other EDR tools (CrowdStrike, Carbon Black, etc.)
• Proficiency conducting all-source research

Required Education:
• BS in Computer Science, Cybersecurity, Computer Engineering or a related degree; or HS Diploma and 7-9 years of host or digital forensics experience

Desired Certifications:
• GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP