What are the responsibilities and job description for the Cyber Defense Incident Responder (SME) position at NexThreat?
Job Title: Cyber Defense Incident Responder (SME)
Location: NCR
Job Category: Information Technology
Time Type: Full-time
Clearance Requirement: Current TS/SCI Clearance required
Security Suitability: Must pass FBI security suitability
Polygraph Requirement: Must pass an FBI-administered Counterintelligence polygraph if one has not been conducted within the last five years.
Employee Type: W2 or 1099
Citizenship: US Citizen, no Dual Citizenship
Summary
The Cyber Defense Incident Responder (Subject Matter Expert) will be a key member of the Digital Forensics and Incident Response (DFIR) team. This team is responsible for analyzing digital evidence from computer security incidents to extract useful information to support the mitigation of system and network vulnerabilities. The role involves meticulously gathering and analyzing extensive datasets to bridge informational gaps related to cyber-attacks, identifying perpetrators, understanding their intrusion methods, and documenting the precise sequence of actions that compromise system integrity.
Key Responsibilities
- Conduct thorough investigations into security incidents, collecting and documenting digital evidence.
- Analyze and interpret large volumes of data to uncover indicators of compromise and develop timelines of malicious activities.
- Collaborate with cross-functional teams to understand attack vectors and devise strategies for vulnerability mitigation.
- Utilize advanced forensic tools to extract and analyze data from compromised systems and networks.
- Prepare detailed reports outlining findings, methodologies, and recommendations for improving security posture.
- Provide expert knowledge on digital forensics and incident response processes, and practice continuous learning of emerging threats and forensic tools.
- Required: Splunk Enterprise Security
- Preferred: Axiom Forensics Suite
- GIAC Continuous Monitoring Certification (GMON)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Cloud Threat Detection (GCTD)
- GIAC Cloud Forensics Responder (GCFR)
- GIAC Advanced Smartphone Forensics Certification (GASF)
- GIAC Mobile Device Security Analyst (GMOB)
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related discipline.
- Significant experience in digital forensics and incident response, preferably within a security operations center (SOC).
- Strong understanding of network protocols, operating systems, and common digital forensics methodologies.
- Excellent analytical, problem-solving, and communication skills.