What are the responsibilities and job description for the Cyber Defense Analysts - Mid position at ECS Federal, LLC?
ECS is seeking a Cyber Defense Incident Responder – Mid to work in our Washington, DC office.
- Coordinate incident response functions.
- Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
- Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
- Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
- Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
- Perform cyber defense trend analysis and reporting.
- Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
- Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
- Track and document cyber defense incidents from initial detection through final resolution.
- Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness).
Salary Range: $89,000 - $116,000
Required Skills and Knowledge:
- Strong written and verbal communication skills.
- Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
- Knowledge of system administration, network, and operating system hardening techniques.
- Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
- Demonstrated ability to interact effectively with senior management and leadership.
- Ability to design incident response for cloud service models.
- Knowledge of incident categories, incident responses, and timelines for responses.
- Knowledge of incident response and handling methodologies.
- Knowledge of the common networking and routing protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
- Knowledge of application security risks (e.g., the Open Web Application Security Project [OWASP] Top 10 list).
Certifications/Licenses:
- Bachelor's degree or higher
- 5 years' experience in malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, and leading incident handling
- Must have, or be able to obtain within 3 months, one of the following certifications: CERT Certified Computer Security Incident Handler (CSIH), ECC Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Information Security Fundamentals (GISF), or ISC2 Certified Information System Security Professional (CISSP).
- Active Secret clearance
Benefits:
https://ecstech.com/careers/benefits/