Network-Based Cyber Forensics Analyst with Security Clearance

at Independent Software
Published May 6, 2022
Location Arlington, VA
Category Default  
Job Type Full-time  

Description

Who are we?

Independent Software is a consulting, product, and solutions firm dedicated to the practical application of software and system engineering technologies to solve complex problems. We bring together world-class engineers with proven engineering best practices, domain expertise, commercial technologies and proven agile management approaches to create high-value solutions aimed at helping our customers meet their most critical business and mission objectives.

Why Independent Software?

We are focused on continual learning and evolution. We don't do things because "that's the way we've always done things"; we listen to our employees and adapt to the changing marketplace. We look at the big picture and encourage our engineers to get training and certifications in emerging technologies that will help shape our customers' mission. We've been profitable year after year. We're always on the lookout for great engineers to join the team, and we recognize that our employees are the heart and soul of what we do. We focus on recruiting talented people, treating them right, and then allowing them to do what they do best. No red tape. No micromanagement. Smart people want to work with smart people, and we love people who are passionate about what they do and about finding ways to do it better.

What you will be doing!

The Department of Homeland Security's (DHS) Hunt and Incident Response Team (HIRT) secures the Nation's cyber and communications infrastructure. HIRT provides DHS's front-line response for cyber incidents and proactively hunts for malicious cyber activity. Independent Software performs HIRT investigations to develop a preliminary diagnosis of the severity of breaches. We provide HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Independent Software is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel provide front-line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity. Independent Software is seeking all levels of Cyber Forensic Network Analysts, from junior level to senior level, to support this critical customer mission.

Responsibilities:

* Assist the Government lead in coordinating teams in preliminary incident response investigations
* Assist the Government lead with interfacing with the customer while on site
* Determine appropriate courses of action in response to identified and analyzed anomalous network activity
* Assess network topology and device configurations identifying critical security concerns and providing security best practice recommendations
* Assist with the writing and publishing of Computer Network Defense (CND) guidance and reports on incident findings to appropriate constituencies
* Collect network intrusion artifacts (e.g., PCAP, domains, URIs, certificates, etc.) and use discovered data to enable mitigation of potential CND incidents
* Analyze identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
* Collect network device integrity data and analyze for signs of tampering or compromise
* Assist with real-time CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements

Requirements for this Career Opportunity:

* U.S. CITIZENSHIP
* THIS POSITION REQUIRES AN ACTIVE TS/SCI CLEARANCE
* Must be able to obtain DHS suitability
* In-depth knowledge of CND policies, procedures and regulations
* In-depth knowledge of TCP/IP protocols
* In-depth knowledge of standard networking protocols such as ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, etc.
* In-depth knowledge and experience of WiFi networking
* In-depth knowledge and experience of network topologies such as DMZs, WANs, etc.

Desired Skills:

* Knowledge of and experience using Splunk (or other SIEMs)
* Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)

Education and Experience:

All levels require directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools, plus at least one certification from List A below. Mid-level and senior-level candidates also need at least one certification from List B.

List A: Certified Ethical Hacker (CEH), CompTIA Security+CE, CompTIA PenTest+CE, Cisco Certified Network Associate (CCNA CyberOps or CCNA Security concentration).

List B: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Network Forensic Analyst (GNFA), GIAC Defending Advanced Threats (GDAT), GIAC Intrusion Analyst (GCIA), ISC2 Certified Information Systems Security Professional (CISSP, CISSP-ISSAP, CISSP-ISSEP), ISC2 Certified Cloud Security Professional (CCSP), CyberSec First Responder (CFR), CompTIA Cybersecurity Analyst (CySA+), CompTIA Cloud+CE, Certified Information Systems Auditor (CISA).

Junior Level Requirements:

* Two (2) to four (4) years of experience and an IT-related Bachelor's Degree from an accredited college or university; OR
* Four (4) to six (6) years of experience and a high school diploma.

Mid-level Requirements:

* Five (5) to seven (7) years of experience and an IT-related Bachelor's Degree from an accredited college or university; OR
* Seven (7) to nine (9) years of experience and a high school diploma.

Senior Level Requirements:

* Eight (8) or more years of experience and an IT-related Bachelor's Degree from an accredited college or university; OR
* Ten (10) or more years of experience and a high school diploma.

Top Reasons to Work at Independent Software:

* Great people deserve even better benefits, from comprehensive healthcare coverage and generous leave time to discounts with all of our vendors.
* You are not just a job title. That's why we tip the work-life balance scale in your favor. It's not about being billable, it's about being valuable.
* Whether you're working on-site or in our offices, your role at Independent Software is just as critical to our success as your coworker's.
* We're constantly researching and implementing the latest technology so you've always got the right tools at your disposal.
* As we've grown, we've retained that small company feel. When we say we have an open door policy, we actually mean it.