What are the responsibilities and job description for the Tier 2 IR Night Shift with Security Clearance position at Base One Technologies?
Primary Responsibilities
Night shift (back-shift) schedule: 7pm-7am, Thursday-Saturday, plus every other Wednesday.
- Utilize state-of-the-art technologies such as host forensics tools (FTK / EnCase), Endpoint Detection & Response (EDR) tools, log analysis (Splunk), and network forensics (full packet capture solution) to perform hunt and investigative activity examining endpoint- and network-based data.
- Conduct malware analysis, host and network forensics, log analysis, and triage in support of incident response.
- Recognize attacker and APT activity, tactics, and procedures, and derive indicators of compromise (IOCs) from them that can be used to improve monitoring, analysis, and incident response.
- Develop and build security content, scripts, tools, or methods to enhance the incident investigation process.
- Lead incident response activities and mentor junior SOC staff.
- Work with key stakeholders to implement remediation plans in response to incidents.
- Effectively investigate incidents, identify root cause, and communicate findings to stakeholders, including technical staff and leadership.
- Flexible and adaptable self-starter with strong relationship-building skills
- Strong problem-solving abilities with an analytical and qualitative eye for reasoning
- Ability to independently prioritize and complete multiple tasks with little to no supervision
Basic Qualifications
- Must be a US citizen; no clearance is required, but a Secret clearance with the ability to obtain TS/SCI is preferred.
- Bachelor's degree in a Science or Engineering field, IT, Cybersecurity, or a related field
- 3 years of experience in incident detection and response, remediation, malware analysis, or computer forensics
- Ability to script in one or more of the following languages: Python, Bash, Visual Basic, or PowerShell
- Must have at least one of the following certifications:
- CCFP – Certified Cyber Forensics Professional
- CCNA Security
- CEH – Certified Ethical Hacker
- CHFI – Computer Hacking Forensic Investigator
- CISSP – Certified Information Systems Security Professional
- ECES – EC-Council Certified Encryption Specialist
- ECIH – EC-Council Certified Incident Handler
- ECSA – EC-Council Certified Security Analyst
- ECSS – EC-Council Certified Security Specialist
- EnCE – EnCase Certified Examiner
- ENSA – EC-Council Network Security Administrator
- GCFA – GIAC Certified Forensic Analyst
- GCFE – GIAC Certified Forensic Examiner
- GCIH – GIAC Certified Incident Handler
- GISF – GIAC Information Security Fundamentals
- GNFA – GIAC Network Forensic Analyst
- GXPN – GIAC Exploit Researcher and Advanced Penetration Tester
- GREM – GIAC Reverse Engineering Malware
- GWEB – GIAC Certified Web Application Defender
- LPT – Licensed Penetration Tester
- OSCE – Offensive Security Certified Expert
- OSCP – Offensive Security Certified Professional
- OSEE – Offensive Security Exploitation Expert
- OSWP – Offensive Security Wireless Professional
- CIRC
- FTK-WFE-FTK
Preferred Qualifications
- Experience in a Federal Government, DoD, or Law Enforcement CND, IR, or SOC role
- Knowledge of the Cyber Kill Chain