Digital Forensic Incident Response (DFIR) Analyst - Mid Level (TS required, eligible for SCI)

SECURITY CLEARANCE REQUIREMENT: TS, WITH SCI ELIGIBILITY

• POSITION REQUIRES US CITIZENSHIP***
  
  

Company Overview: As a Cybersecurity, Information Technology, and Management Consulting firm focused on assisting our commercial and U.S. Intelligence Community clients proactively mitigate threats, RedTrace Technologies is seeking talented and innovative team members to join us in support of an exciting information operations, intelligence analysis, and cybersecurity requirement. Candidate must be a US citizen and have an active Top Secret Clearance with eligibility to obtain SCI and obtain and maintain a CI Poly.

Position Description:

The DFIR Analyst is responsible for preventing the escalation of severe security threats and providing reports to the security team. This position utilizes tools to minimize the effects of a security breach on the computer network and performs an analysis to ensure that computer networks are clear of threats.

Roles and Responsibilities:

• Conduct a full range of advanced professional duties required to monitor network activity, document and report on information security issues and emerging trends
• Provide threat and vulnerability analysis
• Monitor endpoint protection/detection for anomalies using designated escalation paths for remediation
• Review and monitor Security Information and Event Management (SIEM) log data for unauthorized access and initiate investigations if necessary
• Perform malware threat hunting using industry-leading products and applications
• Participate in developing security strategies
  
  

In addition, the DFIR Analyst shall:

• Have experience with forensic tools such as Magnet AXIOM, or FTK enterprise
• Have experience creating forensic images of hard drives as part of data collection and further analysis
• Perform against established operational rhythm, expectations, and standards for Security Operations Center (SOC) DFIR line of effort
• Be part of the 24x7 operations of the FBI ESOC
• Perform advance incident handling responsibilities with direct interface with ESOC management team
• Identify areas of improvement for SOC processes and tools to enhance the mission
  
  

Basic Qualifications:

• MUST BE A US CITIZEN
• Bachelor's degree is desired
• TS clearance (eligibility to obtain SCI and pass CI poly)
• 5 years of experience with crisis management, incident response, strategic communications, or risk management
• 5 years of experience with supporting facilitation of trainings or briefing sessions
• Adept knowledge of cybersecurity and incident response principles, crisis management and emergency management principles
• Ability to leverage available learning resources, both internal and external
• Experience with advanced Microsoft Office products
• Ability to work within a highly collaborative, fast-paced, dynamic environment
• Possession of excellent verbal and written communication skills
• Possession of excellent interpersonal skills, including client management skills
• Strong IR and Digital forensics experience, and cloud experience is preferred
  
  

Additional Qualifications:

The ideal candidate will have experience with four or more of the items below:

• Splunk SearchProcessing Language (SPL)
• Microsoft Defender for Endpoint (MDE)
• Microsoft Azure Sentinel
• Kusto Query Language (KQL)
• Linux Bash
• PowerShell/CMD
• Networking - intermediate level knowledge of computer networking
• Type 2 Hypervisor software such as VMware Workstation Pro, VirtualBox, Hyper-V
• Comfortable using various distributions of Linux
  
  

Employee Benefits:

• Competitive salary for well qualified applicants
• 401(k) plan
• Annual performance bonus
• Certification and advanced degree attainment bonuses
• Student Loan / Tuition reimbursement
• Health Care Insurance (medical, dental, vision)
• Up to four weeks of paid vacation
• 11 Federal Holidays, and 3 Floating Holidays
• Team bonding events
  
  

RedTrace Technologiesis an EOE employer.

Powered by JazzHR

6m0id3Yh5I