Incident Response Analyst

Incident Response Analyst

Location: Huntsville, AL

Work Type: Onsite

Remote Work: No

Job Description

Collect, analyze, and present digital evidence in support of computer investigations. Apply basic principles, theories, and concepts and limited industry knowledge. Solve routine problems of limited scope and complexity and refer more complex issues to higher levels. Work under direct supervision.

Qualifications

• 8 years of experience in cybersecurity
• Experience with Windows, Apple OSX, and Linux operating systems operations and artifacts
• Experience with SIEM technologies, including Splunk, Microsoft Sentinel, or Elastic
• Experience with forensics tools, including Magnet Axiom and FTK
• Experience performing forensic imaging, remote collection, and forensic analysis
• Experience with malware analysis, including static, dynamic, and reverse engineering
• Experience performing root cause analysis and following through with all phases of the incident response lifecycle
• Top Secret clearance
• Bachelor’s degree

Additional Qualifications

• Experience acquiring memory from the host and performing memory analysis with tools, including Volatility
• Experience with Endpoint Detection and Response (EDR) tools, including CrowdStrike Falcon and FireEye HX
• Experience performing analysis of packet capture using tools, including Wireshark
• Experience with Python or PowerShell
• Experience performing Incident Response and Forensics in cloud computing environments
• Knowledge of Enterprise Network Architecture, including routing, switching, common protocols, including DHCP, DNS, or HTTP, and devices, including Firewalls, Proxies, or VPN
• Knowledge of the lifecycle of cybersecurity threats, attacks, attack vectors, and methods of exploitation
• Knowledge of intrusion set tactics, techniques, and procedures (TTPs)
• ACE, EnCE, GCFE, CCI, GREM, CHFI, GCFA, or CCFP Forensic Certification
• GIAC Continuous Monitoring (GMON), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Intrusion Analyst (GCIA), GIAC Network Forensic Analyst (GNFA), GIAC Cloud Threat Detection (GCTD), GIAC Cloud Forensics Responder (GCFR), GIAC Advanced Smartphone Forensics Certification (GASF), and GIAC Mobile Device Security Analyst (GMOB) Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

Compensation and Benefits

Salary Range: $100,000 - $140,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)

Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron’s benefits programs.

Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.

Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.