Cyber Security Incident Response Analyst

Job Description GDIT is seeking a highly qualified Cyber Security Incident Response Analyst who will support the Defense Human Resources Activity (DHRA) and Defense Manpower Data Center (DMDC) Cybersecurity Strategy, Operations and Programs. Our client, DHRA and DMDC supports major programs and initiatives within the Department of Defense (DoD) and maintains the largest archive of personnel, manpower, training, security and financial data within the DoD. AIT provides both DHRA and DMDC with Cybersecurity Support Services and solutions that span the entire spectrum of existing and future technical environments, hardware and software systems, and applications lifecycle in support of both its Unclassified Non-secure Internet Protocol Router Network (NIPRNET) and Classified Secure Internet Protocol Router Network (SIPRNET) environments. Responsibilities: Conduct highly technical examinations, analysis and reporting of computer based evidence related to security incidents (intrusion artifacts/IOCs) or investigations. Effective and secure handling of digital evidence and matter confidentiality. Perform incident triage and handling by determining scope, urgency and potential impact thereafter identifying the specific vulnerability and recommending actions for expeditious remediation. Ability to analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. Document incidents from initial detection through final resolution. Coordinate with and act as subject matter expert to resolve incidents by working with other information security specialists to correlate threat assessment data. Maintain and expand related information security metrics. Skills: Knowledge of incident response processes (detection, triage, incident analysis, remediation and reporting). High level of ethical hacker knowledge and understanding of malware/ransomware. Strong knowledge of network protocols, Windows/Linux OS, IOCs and BIOCs Understanding of network and system intrusion and detection methods; examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), Endpoint Detection and Response (EDR) Expert knowledge and experience of Microsoft Windows Desktop Operating Systems. Expert Knowledge in VMWARE, KVM and other virtualization technologies. Ability to operate Linux workstations, servers. Ability to build, maintain, and operate a sandbox lab environment. Proven experience with most commonly used forensic toolkits such as FTK, Sift, and Sleuth Kit through the Acquisition, Analysis, and Reporting stages. Proven training and experience in Encase equipment and usage of Write Block Applications. Comfortable analyzing malicious artifacts in a safe manner such as potentially malicious websites, emails and malware Excellent written and verbal communication skills with the ability to express thoughts clearly and accurately, know how to listen, and contribute in a client-facing environment. Strong attention to detail and organizational skills. High Level of Competence with Microsoft Excel for manipulating, sorting, combining, and creating pivot tables. Ability to multitask and work independently with minimal direction and maximum accountability Education Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience. Qualifications 5-8 years of directly related experience in network administration and support. Job ID 2018-48309
Salary Range: NA
Minimum Qualification
5 - 7 years

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.