Title: Digital Forensics SOC Analyst

JOB LOCATION: Crownsville, Maryland (Onsite)

JOB DURATION: Two years

REQUIRED YEARS OF EXPERIENCE: Nine years

VISA: U.S Citizenship

Interview mode: In person

JD:

Report to Director of Security Operations or his/her designee

Provide SOC Analyst Tier 3 escalation support

Plan, initiate, and conduct investigations for cybersecurity incidents response efforts

Perform forensic examinations on compromised systems

Understand and use forensic tools and techniques for cybersecurity incidents

Create forensic root cause and scope of impact analysis reports

Contribute to technical briefings on the details of forensics exams and report

Provide support in conducting malware analysis of attacker tools

Stay current on incident response and digital forensics skills, best practices, and tools

Train SOC analysts on usage of SIEM tools (Splunk), and basic event analysis

Develop rules and tune SIEM and related tools to streamline the event analysis done by the SOC

Assist developing new processes and procedures for SOC monitoring

Monitor networks for threats from external and internal sources

Analyze network traffic of compromised systems and networks

Correlate actionable security events from various sources

Review threat data and develop custom detection signatures

Gather and analyze threat intelligence data and conduct threat hunting

Understand cybersecurity attacks and tactics, techniques, and procedures (TTPs) associated with advanced threats

Communicate clearly with Government counterparts, and SOC customers

Development and implementation and operational and technical incident response processes, procedure, guidance, and standards

Ability to work outside of regular business hours, the role may require on-call support after regular business hours or weekends.

Minimum Qualifications:

Hands-on experience with security monitoring and SIEMs tools - Splunk Enterprise Security is preferred

Demonstrated working knowledge of cyber forensics and incident handling best practice processes, procedures, standards, and techniques

Hands-on experience with forensics image capture tools i.e., FTK Imager, MAGNET ACQUIRE

Hands-on experience with system image/file system/registry forensics tools i.e., Encase, FTK, X-Ways, Magnet AXIOM, Sleuthkit, Access Data Registry Viewer, Registry Recon, or other)

Hands-on experience with PCAP analysis tools i.e., Wireshark, TCP Dump, Network Miner, Xplico, or other

Hands-on experience with memory forensics tools i.e., BlackLight, Volatility, SANS SIFT, Magnet RAM Capture, or FireEye Memoryze, CrowdStrike Crowd Response

Hands-on experience with Endpoint Detection & Response solutions - Tanium Threat Response, McAfee or other

Desired Skills/Certifications:

Practical hands-on experience with static in malware analysis

Hands-on experience with malware anti-forensics, obfuscation, packing techniques

Hands-on experience with malware Analysis - Miscellaneous dynamic & static analysis tools (IDA Pro, Ghidra, OllyDBG, WinHex, HexEdit, HexDump, PeSTudio, REMux, OLEDUMP)

Hands-on experience with Custom Signature Creation - YARA

Scripting/Programming experience - Python, Perl, C, C , Go

Highly desired industry certifications include Certified Forensics Computer Examiner (CFCE), Computer Hacking Forensic Investigator (CHFI), GIAC Certified Forensic Examiner (GCFE), Certified Computer Examiner (CCE)

Relevant industry certifications such as Certified Ethical Hacker (CEH), GIAC Reverse Engineering Malware (GREM), Certified Reverse Engineering Analyst (CREA) etc.

Educational and Years of Experience: Bachelor's degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline and 4 years of experience. Associate degree and/or cyber courses/certifications or 5 years of experience in directly related fields may be substituted in lieu of bachelor's degree

Sr. Recruiter

Phone:

Email:

Gtalk:

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.