Cyber Defense Incident Responder

Be Challenged and Make a Difference 

In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture. 

Description of Task to be Performed:

Come join our growing team and make a difference every day! AnaVation is seeking an experienced Cyber Defense Incident Responder subject matter expert for a high priority cyber-focused work program. The successful candidate will have experience analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation within federal government environments.

Key responsibilities include:

· Analyze alerts, identify true positives, and prioritize incidents based on severity and impact.

· Conduct forensic analysis on systems and networks to determine the scope and impact of security incidents.

· The Contractor shall gather evidence, analyze artifacts, and reconstruct events to understand how the compromise occurred.

· Analyze threat intelligence feeds, indicators of compromise (IOCs), and TTPs (Tactics, Techniques, and Procedures) to identify and respond to emerging threats.

· Leverage comprehensive experience across advanced digital forensics methodologies and frameworks in a variety of operating systems

· Utilize advanced malware analysis techniques

· Ensure that incident response activities comply with legal and regulatory requirements.

· Leverage experience preserving and presenting evidence

· Conduct in-depth malware analysis and reverse engineering on mobile devices to assess the scope and impact of

malicious activity.

· Mentor junior staff and ensure quality of technical support and contractual deliverables

This position is on-site with our customer in Washington, DC.

This position requires an active Top Secret clearance and the ability to successfully pass a polygraph and obtain SCI accesses.

• Education: Bachelor's Degree in related field or equivalent combination of relevant experience and education (degree strongly preferred)

• Experience: 8 years (minimum)
• Required Skills/Certs:
• Must have experience with Splunk Enterprise Security
• Experience actively detecting, monitoring, preventing, and analyzing real-time cybersecurity information, events, and threats in a federal government environment

• Expertise in established incident response frameworks, such as NIST and SANS
• Specialized knowledge in forensic imaging and data recovery techniques, employing innovative methodologies to effectively preserve and analyze digital evidence.

• Comprehensive knowledge of advanced persistent threats (APTs), including strategic foresight regarding their tactics, techniques, and procedures (TTPs) and corresponding countermeasures

• Experience with Axiom Forensics Suite a strong plus
• Comprehensive understanding of mobile forensics methodologies and tools for extracting data from compromised devices

• Familiarity with security frameworks specific to mobile device environments, such as the Mobile Security Framework (MobSF) and others.

• Experience with digital forensics, incident detection and response, cyber threat intelligence and reporting, mobile device analysis, and/or watch floor operations.

• Preferred Certifications:
• GIAC Continuous Monitoring Certification (GMON)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Network Forensic Analyst (GNFA)
• GIAC Cloud Threat Detection (GCTD)
• GIAC Cloud Forensics Responder (GCFR)
• GIAC Advanced Smartphone Forensics Certification (GASF)
• GIAC Mobile Device Security Analyst (GMOB)

Benefits 

·        Generous cost sharing for medical insurance for the employee and dependents 

·        100% company paid dental insurance for employees and dependents 

·        100% company paid long-term and short term disability insurance 

·        100% company paid vision insurance for employees and dependents 

·        401k plan with generous match and 100% immediate vesting 

·        Competitive Pay 

·        Generous paid leave and holiday package 

·        Tuition and training reimbursement 

·        Life and AD&D Insurance

About AnaVation 

AnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team.  

If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you!