Host Based Systems Analyst

Company: Caribou Thunder
Location: Arlington
Posted on: January 12, 2022

Job Description:

Host Based System AnalystRE2478, RE2548, RE2549Location: Arlington, VASchedule: Full TimeShift: 1st
OVERVIEWCaribou Thunder, LLC is a Woman Owned, HUBZone Certified, Native American Owned, SBA and SDB Certified global engineering services company, incorporated in 2006. Caribou Thunder is a Global Service Provider supporting a wide variety of DoD, Space and Intelligence programs with consistent growth since inception to over 100 associates and $10M in annual sales with solid performance in 35 states across the U.S. and 22 countries around the world.This is an opportunity to join a fast-paced program supporting the Department of Homeland Security cybersecurity hunt and incident response efforts. As a Host Based Systems Analyst you will use leading edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions performing investigations to characterize of the severity of breaches, develop mitigation plans, and assist with the restoration of services.
RESPONSIBILITIESAcquiring/collecting computer artifacts (e.g., malware, user activity, link files, etc.) from systems in support of onsite engagements.Assess evidentiary value by triaging electronic devices.Correlating forensic findings with network events to further develop an intrusion narrative.When available, collecting and documenting system state information (running processes, network connections, etc.) prior to imaging.Performing incident triage from a forensic perspective to include determining scope, urgency and potential impact.Tracking and documenting forensic analysis from initial involvement through final resolution.Collecting, processing, preserving, analyzing and presenting computer related evidence.Coordinating with others within the Government and with customer personnel to validate/investigate alerts or other preliminary findings.Conducting analysis of forensic images and other available evidence and drafting forensic write-ups for inclusion in reports and other written products.Assist in documenting and publishing Computer Network Defense guidance and reports on incident findings to appropriate constituencies.Assist in preliminary analysis by tracing an activity to its source and documenting findings for input into a forensic report.Assist team members in imaging digital media.Assist in gathering, accessing, and assessing evidence from electronic devices using forensic tools and knowledge of operating systems.Use hashing algorithms to validate forensic images.Under direct guidance and coaching if needed, locating critical items in various file systems to aid more senior personnel in their analysis.Performing analysis of log files from a variety of sources to identify possible threats to computer security.Use leading edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions.Determine programs that have been executed, finding files that have been changed on disk and in memory.
QUALIFICATIONS2+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools.Ability to create forensically sound duplicates of evidence (forensic images).Able to write cyber investigative reports documenting digital forensics findings.Experience with the analysis and characterization of cyber attacks.Experience with proper evidence handing procedures and chain of custody protocols.Skilled in identifying different classes of attacks and attack stages.Knowledge of system and application security threats and vulnerabilities.Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources.Must be able to work collaboratively across physical locations.Experience with two or more of the following tools: - EnCase - FTK - SIFT - X-Ways - Volatility - WireShark - Sleuth Kit/Autopsy - GRRDesired Certifications: - GCFA, GCFE, EnCE, CCE, CFCE, CISSPExperience with conducting all-source research.
CLEARANCEActive TS/SCI Clearance
EDUCATION and EXPERIENCE REQUIREMENTSLevel 1 - BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering; OR High School Diploma and 2+ years of host investigations experienceLevel 2 - BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering or related degree and 2+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools; OR High School Diploma and 4-6 years of host investigations experienceLevel 3 - BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering or related degree and 5+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools; OR High School Diploma and 7-9 years of host investigations experienceLevel 4 - BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering or related degree and 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools
ABOUT CARIBOU THUNDERCaribou Thunder, LLC is an established Defense contractor with nearly 20 years of experience delivering engineering services worldwide. We offer industry leading salaries, flexible work life balance, full range of benefits (career development and mentoring, PTO, medical, dental, vision, life insurance, disability insurance, and 401k match). Caribou Thunder, LLC offers meaningful career opportunities within a true team-based environment, where each and every employee matters, contributing to a higher goal supporting National Security programs. Caribou Thunder, LLC is committed to hiring and maintaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, marital status, national origin, age, veteran status, disability, or any other protected class. United States citizenship is a requirement for all positions.
4DPeZDMGs7

Keywords: Caribou Thunder, Arlington , Host Based Systems Analyst, Professions , Arlington, Virginia