Cyber Hunt & Incident Response Analyst: Active TS Required job – Cambridge Global Advisors – Arlington, VA

Cyber Hunt & Incident Response Analyst: Active TS Required

Cambridge Global Advisors

Arlington, VA 22209

Full-time, Contract

Cyber Hunt & Incident Response Analyst – *** Active Top-Secret Security Clearance with the ability to obtain a TS/SCI is required ***

Location: Washington, DC / Arlington, VA

Job Type: Independent Contractor

Level of Education: Requisite professional training or Bachelor’s Degree

Salary: Commensurate with experience

Other information: Successful candidates should be able to start immediately on a contract basis. Our office is based in Arlington, VA.

About Cambridge Global Advisors

Cambridge Global Advisors (CGA) is a strategic advisory services firm with deep expertise and experience at the global, national, state and local levels. Our mission is to assist our clients in the management, development, and implementation of their national security programs, practices, and policies, with a special interest in homeland security. We work with government, non-profit organizations, and Fortune 500 companies to provide strategic advisory and project management services as well as public diplomacy, outreach and engagement, and communications.

Job Description:

This position is a contractual position with US-CERT (United States Computer Emergency Readiness Team), housed within the U.S. Department of Homeland Security. US-CERT’s primary mission is to respond to major cyber incidents, analyze threats, and exchange critical cybersecurity information with trusted partners around the world. Among other task orders, CGA supports US-CERT, its mission and its leadership through communications and stakeholder engagement activities.

Responsibilities include:

  • Collects and analyzes host-based and network-based data in support of incident response investigations.
  • Interprets, analyzes and reports on events and anomalous activity discovered through incident response investigations.
  • Leverages tools including Tanium, FireEye suite, GRR, Volatility, SIFT Workstation, MISP, and/or Bro as part of duties performing cyber incident response analysis.
  • Supports incident response engagements, and partners with other incident response teams in maintaining an understanding of threats, vulnerabilities, and exploits that could impact client networks and assets.
  • Performs real-time and proactive analysis on various data sources, such as anti-virus logs, firewall logs, IDS and IPS data, event logs, and other host-based and network-based artifacts.
  • Utilizes data analytics tools including Splunk to make sense of machine data in performing responsibilities.
  • Correlates and analyzes data between disparate sources to assess threat actor techniques, tactics, and procedures.
  • Supports the incident manager in focusing and providing response, containment, investigation, and remediation efforts.
  • May be required to coordinate with external organizations, authorities, and senior-level leadership.
  • Performs network architecture security reviews and models data flow to support incident response investigations.
  • May be required to travel up to 25% of the time.

Minimum Qualifications:

  • Bachelor’s degree in a technical discipline with a minimum of 3 years of related technical experience.
  • Active Top-Secret Security Clearance with the ability to obtain a TS/SCI is required. In addition, the selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.
  • Familiarity with network analytics, including NetFlow/PCAP analysis.
  • Understanding of cyber forensics concepts, including malware analysis, hunting, etc.
  • Understanding of how both Windows and Linux systems are compromised.

Preferred Qualifications:

  • DHS Suitability at the SCI level
  • Experience using Splunk for system data analytics and monitoring strongly preferred.
  • Experience performing cyber forensics, malware analysis, cyber hunt, etc. strongly preferred.
  • A professional certification such as GCFA, GNFA, GREM, or GCIH is highly desirable.

Job Type: Full-time

