Senior Cyber Incident Responder & Forensic Analyst
Job Type: Permanent
Location: Albany, USA
Area: Albany, USA
Sector: Cyber Security
Salary: US$ Competitive
Start Date: ASAP
Advertiser: Center for Internet Security
Job Ref: 2020-1237
Description
Overview
The primary purpose of this position is to be a subject matter expert in DFIR (Digital Forensics Incident Response), conducting rapid triage and investigating cyber incidents impacting State, Local, Tribal and Territorial (SLTT) governments.
What You'll Do
Take the lead on DFIR cases, assisting State, Local, Tribal, and Territorial governments
Conduct rapid triage to investigate the extent and nature of compromises and provide expert recommendations on containment and remediation steps
Conduct incident response calls with SLTT governments
Prepare and review written technical reports that document case findings
Lead research on security-related questions or incidents reported from SLTT members
Provide training and support for CERT Analysts and other operations team members
This position may involve essential duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work
Other tasks and responsibilities as assigned
What You'll Need
Bachelor’s degree in DFIR, Cybersecurity, Computer Science, or related field*
3+ years’ experience in DFIR and/or as a Security/Network Administrator
Advanced experience in one or more of the following areas:
Incident response protocols, processes, and techniques
System and application security threats and vulnerabilities
Adversarial tactics, techniques, and procedures
Various host and network-based security controls
Experience preparing and delivering technical presentations and reports
Strong time management, communication, attention to detail, and professional and interpersonal skills
Must be eligible to obtain a National Security Clearance
The position is open to U.S. citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions**
Must be authorized to work in the United States
It's a Plus if You Have:
Highly proficient in the analysis of various log types (e.g. Windows Event, web server, and firewall logs)
Experience with scripting languages such as Bash, Perl, or Python
Experience with dynamic and/or static analysis of malware
A detailed and in-depth knowledge of forensic methodologies and related tools such as FTK, EnCase, and SANS SIFT
Certifications in related areas (e.g. GCFE, GCFA, GNFA, GCIH, GREM, CCFE, CFCE)
*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.
**Factors that may cause a negative Fitness Review decision include:
Criminal Conduct
Dishonest Conduct
Employment Misconduct
Alcohol Abuse
Drug Use (illegal drug use or use of a legal drug in a manner that deviates from approved medical direction; illegal drug use includes the use of drugs that are illegal for federal purposes despite being legal in select states and countries, such as marijuana)
False Statements
Financial Issues
Have not resided in the US for three (3) of the past five (5) years