Cybersecurity Analyst: Incident Response (Int)

Company: Cyber Defense Labs
Location: Arlington
Posted on: February 21, 2021

Job Description:

CDS offers competitive compensation, excellent benefits including tuition reimbursement and employer-contributed 401K, and referral bonuses.Duties and Responsibilities:As a Cybersecurity Analyst, your primary responsibilities will include:* Analyze raw data sources to extract, institutionalize, and document actionable events * Document the flow of data and identify multiple distinct data sources where suspicious behavior can be identified; must be able to identify supplemental sources where similar data may be found * Investigate and identify the root cause behind security incidents to include all stages of the cyber kill chain, as appropriate * Investigate incidents both from a network and host/application level * Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation * Leverage tools including Tanium, FireEye suite, GRR, Volatility, SIFT Workstation, MISP, and/or Bro as part of cyber incident response analysis duties* Monitor, track, and communicate reported events for numerous different security platforms, operating systems, databases, and management systems* Communicate and collaborate with colleagues to investigate incidents * Perform regular continuous monitoring of events across platforms, operating systems, databases, and management systems * Improve and implement indicators and protections across platforms, operating systems, databases, and management systems * Generate reports on a scheduled basis to document findings and remediation efforts, to include recommendations to the system owners * Design and implement dashboards and reports; create rapid prototypes Required Qualifications:* Active Top Secret clearance with SCI eligibility* For continued employment, the selected candidate must obtain and maintain a favorably adjudicated DHS background investigation * Minimum 3-5 years of relevant work experience * Strong experience with network analytics including NetFlow/PCAP analysis * Ability to generate a record of an investigation within an incident ticketing/tracking system * Ability to develop, document, and maintain use cases through Splunk or other SIEM technologies * Understanding of cyber forensics concepts including malware, hunt, etc. * Understanding of how both Windows and Linux systems are compromised Preferred Qualifications:* DHS suitability at the SCI level * Undergraduate degree in a related field (i.e., Computer Science, Information Systems Management)* Experience using Splunk for system data analytics and monitoring * Experience performing cyber forensics, malware analysis, cyber hunt, etc.* Professional certification (e.g., CISSP, CEH, Security+, GCIA, and/or GCIH)CDS is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law. Powered by JazzHROjde8DDcxY

Keywords: Cyber Defense Labs, Arlington , Cybersecurity Analyst: Incident Response (Int), Professions , Arlington, Virginia