What are the responsibilities and job description for the Cyber Defense Incident Responder (Mid) position at NexThreat?
Job Title: Cyber Defense Incident Responder (Mid)
Location: NCR
Job Category: Information Technology
Time Type: Full-time
Clearance Requirement: Current TS/SCI Clearance required
Security Suitability: Must pass FBI security suitability
Polygraph Requirement: Must pass an FBI-administered Counterintelligence polygraph if one has not been conducted within the last five years.
Employee Type: W2 or 1099
Citizenship: US Citizen, no Dual Citizenship
Job Summary:
NexThreat is seeking a Cyber Defense Incident Responder (Mid). The Cyber Defense Incident Responder (Mid) is a key member of the DFIR team, responsible for analyzing digital evidence from computer security incidents to derive critical information that supports the mitigation of system and network vulnerabilities. This role involves meticulously gathering and analyzing extensive datasets to bridge informational gaps related to cyber-attacks. The Senior Incident Responder will identify perpetrators, understand their intrusion methods, and document the precise sequence of actions that compromised system integrity.
Key Responsibilities:
· Conduct thorough investigations of security incidents, utilizing advanced tools and methodologies.
· Gather and analyze digital evidence from various sources to identify and mitigate vulnerabilities.
· Document and report findings accurately, detailing the timeline and methods of cyber intrusions.
· Collaborate with other cybersecurity teams to enhance incident response strategies and improve overall security posture.
· Mentor and train junior team members in digital forensics and incident response best practices.
· Use Splunk Enterprise Security and Axiom Forensics Suite to analyze security events and incidents.
· Stay updated on the latest cybersecurity trends, threats, and forensic tools.
Unique Skills/Tasks/Software:
· Required: Proficiency in Splunk Enterprise Security.
· Required: Experience with Axiom Forensics Suite.
· Strong analytical skills and a solid understanding of networking and operating system fundamentals.
· Excellent written and verbal communication skills for reporting and documentation purposes.
Preferred Certifications:
· GIAC Continuous Monitoring Certification (GMON)
· GIAC Certified Incident Handler (GCIH)
· GIAC Certified Forensic Analyst (GCFA)
· GIAC Certified Intrusion Analyst (GCIA)
· GIAC Network Forensic Analyst (GNFA)
· GIAC Cloud Threat Detection (GCTD)
· GIAC Cloud Forensics Responder (GCFR)
· GIAC Advanced Smartphone Forensics Certification (GASF)
· GIAC Mobile Device Security Analyst (GMOB)
Qualifications:
· Bachelor’s degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
· Minimum 5 years of experience in incident response, digital forensics, or a related field.
· Proven track record of handling and analyzing security incidents effectively.