Tier 2 IR Night Shift with Security Clearance

---

Job description

Primary Responsibilities
Night Shift Back -Shift schedule: 7pm-7am, Thur-Sat, every other Wednesday.
• Utilize state of the art technologies such as host forensics tools(FTK/Encase), Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data.
• Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response. • Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response.
• Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
• Lead Incident Response activities and mentor junior SOC staff.
• Work with key stakeholders to implement remediation plans in response to incidents.
• Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership.
• Flexible and adaptable self-starter with strong relationship-building skills
• Strong problem solving abilities with an analytic and qualitative eye for reasoning
• Ability to independently prioritize and complete multiple tasks with little to no supervision Basic Qualifications
• Must be a US citizen, no clearance required, prefer Secret Clearance with the ability to obtain TS/SCI.
• Bachelor's degree in Science or Engineering Field, IT, or Cybersecurity or related field
• 3+ years of experience be in the areas of incident detection and response, remediation malware analysis, or computer forensics.
• Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell
• Must be a US citizen, no clearance required. Must have at least one of the following certifications: CCFP - Certified Cyber Forensics Professional
CCNA Security
CEH - Certified Ethical Hacker
CHFI - Computer Hacking Forensic Investigator
CISSP - Certified Information Systems Security
ECES - EC-Council Certified Encryption Specialist
ECIH - EC-Council Certified Incident Handler
ECSA - EC-Council Certified Security Analyst
ECSS - EC-Council Certified Security Specialist
EnCE
ENSA - EC-Council Network Security Administrator
GCFA - Forensic Analyst
GCFE - Forensic Examiner
GCIH - Incident Handler
GISF - Security Fundamentals
GNFA - Network Forensic Analyst
GXPN - Exploit Researcher and Advanced Penetration Tester
GREM - Reverse Engineering Malware
GWEB - Web Application Defender
LPT - Licensed Penetration Tester
OSCE (Certified Expert)
OSCP (Certified Professional)
OSEE (Exploitation Expert)
OSWP (Wireless Professional)
CIRC
FTK-WFE-FTK Preferred Qualifications
Experience in Federal Government, DOD or Law Enforcement in CND, IR or SOC role
Cyber Kill Chain Knowledge

<!– job description page –>