Forensic Analyst

Bethesda, MD 20892

Posted: 04/08/2019 Industry: IT Job Number: JN -032019-111870

Information Security (Forensic) Analyst to join a Cyber Security Operations organization on a contract with a federal government client with an important global mission. Members of this team are highly motivated, self-driven, and are given great latitude to operate. Qualified candidates must have great initiative, a positive and healthy questioning attitude, and a drive to continuously help mature SOC Operations and Incident Response (IR). This role affords the opportunity to work with a great team while serving a fulfilling mission.

Beyond the required technical expertise (outlined below), the applicant must be resourceful, detail oriented, and 100% client focused, with a continuing passion for the profession.


- Apply strategic, operational, and tactical cyber intelligence to improve security operations

- Lead and/or support efforts to prepare for, monitor, detect, analyze/confirm, contain, remediate, and recover from security incidents

- Conduct deep analysis and hunting operations

- Perform investigation of network traffic and hosts/endpoints for potential security incidents, to include:

  - Sensor data and log analysis

  - Netflow data

  - Packet captures

  - Memory analysis

  - Disk forensics

- Provide adequate metrics, documentation, executive summaries and briefings to leadership and other stakeholders

Qualifications / Requirements

Credentials

- BS/BA degree

- Five or more years of work experience

- Three or more years of cyber security work experience

- One or more certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, etc.)

Sound cyber security knowledge foundation, to include understanding of:

- Adversary TTPs

- Network technology and common protocols

- Network security

- Host security

- Malware

- Security tools and sensors

Experience, Skills, and Abilities

- High technical ability/aptitude, demonstrated through prior technical experience and accomplishment

- Network investigation experience, to include netflow and packet/protocol capture and analysis

- Endpoint/host forensics experience

- SIEM experience

- Strong critical thinking, problem solving, and organization skills

- Strong teamwork and collaboration skills

- Good written and verbal communication skills

- Ability to pass a security clearance background investigation

Preferred Qualifications:

- Security clearance

- Experience and effective participation in hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data

- Experience and understanding of host-based/endpoint protection systems

- Cyber intelligence experience

- Intelligence community experience

- Programming experience

- Scripting experience

- Server administration experience

- Enterprise forensic tool(s) experience

- Federal contract experience

Josh Rainier
