Cybersecurity Analyst: Incident Response, Sr

Access Talent Today, LLC - Reston, VA

Duties and Responsibilities:

As a Cybersecurity Analyst, your primary responsibilities will include:

  • Analyze raw data sources to extract, institutionalize, and document actionable events
  • Document the flow of data and identify multiple distinct data sources where suspicious behavior can be identified; must be able to identify supplemental sources where similar data may be found
  • Investigate and identify the root cause behind security incidents to include all stages of the cyber kill chain, as appropriate
  • Investigate incidents both from a network and host/application level
  • Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation
  • Leverage tools including Tanium, FireEye suite, GRR, Volatility, SIFT Workstation, MISP, and/or Bro as part of cyber incident response analysis duties
  • Monitor, track, and communicate reported events for numerous different security platforms, operating systems, databases, and management systems
    • Communicate and collaborate with colleagues to investigate incidents
  • Perform regular continuous monitoring of events across platforms, operating systems, databases, and management systems
  • Improve and implement indicators and protections across platforms, operating systems, databases, and management systems
  • Generate reports on a scheduled basis to document findings and remediation efforts, to include recommendations to the system owners
  • Design and implement dashboards and reports; create rapid prototypes
Required Qualifications:

  • Active Top Secret clearance with SCI eligibility
    • For continued employment, the selected candidate must obtain and maintain a favorably adjudicated DHS background investigation
  • Minimum 7 years of relevant work experience
  • Strong experience with network analytics including NetFlow/PCAP analysis
  • Ability to generate a record of an investigation within an incident ticketing/tracking system
  • Ability to develop, document, and maintain use cases through Splunk or other SIEM technologies
  • Understanding of cyber forensics concepts including malware, hunt, etc.
  • Understanding of how both Windows and Linux systems are compromised
Posted On: Saturday, May 30, 2020