Tier 2 IR Night Shift in Ashburn VA with Security Clearance
Base One Technologies
2024-11-05 11:43:42
Ashburn, Virginia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Tier 2 IR Night Shift
Night Shift Front
Shift schedule: 7pm-7am, Sun-Tues, every other Wednesday.
Primary Responsibilities
• Utilize state of the art technologies such as host forensics tools(FTK/Encase), Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data.
• Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response.
• Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response.
• Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
• Lead Incident Response activities and mentor junior SOC staff.
• Work with key stakeholders to implement remediation plans in response to incidents.
• Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership.
• Flexible and adaptable self-starter with strong relationship-building skills
• Strong problem solving abilities with an analytic and qualitative eye for reasoning
• Ability to independently prioritize and complete multiple tasks with little to no supervision Basic Qualifications
NEW REQUIREMENT as of 6/27/2022: In addition to uploading the resume, please email us a copy of the candidate's current certifications (actual certificate) as a way to validate that certs are current and active. • Bachelor's degree in Science or Engineering Field, IT, or Cybersecurity or related field
• 3+ years of experience be in the areas of incident detection and response, remediation malware analysis, or computer forensics.
• Must have at least one of the following certifications: • SANS GIAC: GCIA, GCFA, GPEN GCFE, GREM, or GCIH ISC2 CCFP, CCSP, CISSP, CERT CSIH EC Council: CHFI, Offensive Security: OSCP, OSCE, OSWP and OSEE Encase: EnCE, DOD 8570: IAT L3, CNDSP Analyst or IR Carnegie Mellon: CSIH
• Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell
• Must be a US citizen, no clearance required. Must Have One of the Following J3 Certifications
Tier 2 (Response/DMA):
GCIH - Incident Handler
GCFA - Forensic Analyst
GCFE - Forensic Examiner
GREM - Reverse Engineering Malware
GISF - Security Fundamentals
"GXPN - Exploit Researcher
and Advanced Penetration Tester"
GWEB - Web Application Defender
GNFA - Network Forensic Analyst
OSCP (Certified Professional)
OSCE (Certified Expert)
OSWP (Wireless Professional)
OSEE (Exploitation Expert)
CCFP - Certified Cyber Forensics Professional
"CISSP - Certified
Information Systems Security"
CCNA Security
CCNP Security
CEH - Certified Ethical Hacker
CHFI - Computer Hacking Forensic Investigator
LPT - Licensed Penetration Tester
ECSA - EC-Council Certified Security Analyst
ENSA - EC-Council Network Security Administrator
ECIH - EC-Council Certified Incident Handler
ECSS - EC-Council Certified Security Specialist
ECES - EC-Council Certified Encryption Specialist
EnCE
Windows Forensic Examinations - FTK WFE- FTK
Computer Incident Responders Course - CIRC
Windows Forensic Examination - EnCase - Counter Intelligence (CI) - WFE-E-CI
"Forensics and Intrusions in a Windows Environment -
FIWE" Preferred Qualifications
Experience in Federal Government, DOD or Law Enforcement in CND, IR or SOC role
Cyber Kill Chain Knowledge