Thursday, January 7, 2016

Digital Forensics - Sr Cyber Analyst

Open Position - Digital Forensics - Sr Cyber Analyst
Location: Reston, VA (must be onsite)
Duration: Contract to Hire
Salary: OPEN
Start Date: ASAP
Interview Process: Phone Screen & Onsite Face to Face Interview

JOB DESCRIPTION 


PROJECT BACKGROUND AND REQUIREMENTS

1. BACKGROUND
The Inc Information Security GSOC (Global Security Operations Center) is responsible for the security of the Systems networks and data. It is a 24 x 7 x 365 operation that provides around-the-clock intrusion detection and incident support to Systems home markets around the globe. The GSOC is staffed with analysts with sophisticated cyber security skills. In support of Computer Network Defense, Systems is seeking a Cyber Analyst Senior Principal with a focus on Forensics. This position requires leadership and management of junior analysts.


2. REQUIREMENTS
  • Must be a US Citizen.
  • Must be able to obtain a DoD clearance.
  • Digital Forensics Background (e.g. Certifications, Degree) as applied to intrusion detection
  • Incident Response Experience
  • Experience with targeted malware analysis reporting and applying it to host-based detection/forensic investigations.
  • Monitoring and analysis of the output of tools/signatures as related to: McAfee Anti-Virus Suite, Mandiant Intelligent Response platform, Yara
  • Proficiency in forensic techniques and tools (e.g., X-Ways, EnCase, FTK Suite, Cellebrite, Nuix).
  • Experience with Microsoft, Apple, and Linux-based operating systems.
  • Ability to perform basic Behavioral/Static Malware Analysis
  • Ability to read and interpret pcap data
  • Ability to review and interpret host-based alerting
  • Experience with SIEM platforms (ArcSight) - including content creation (channels, rules, reports)
  • Eligibility to obtain/maintain a security clearance
  • Shift Flexibility - ability to provide on call support when needed
  • Ability to work greater than 40 hours per week as needed
  • Ability to act as full-time on-call escalation point for security incidents

Preferred Skills and Education:
  • Python/Perl/PowerShell Scripting
  • Yara
  • SANS (GCFE, GCFA, GREM, EnCE, CFE)
3. JOB RESPONSIBILITIES/PROJECT TASKS
This position will be responsible for providing development of cyber security tools and support to the Systems Security Operations group. Tasks may include the following elements, as requested by Systems:
  • Running and analyzing MIR (Mandiant Intelligent Response) scans.
  • Writing MIR signatures based on understanding of malware analysis output and threat intelligence.
  • Writing scripts to automate analysis functions.
  • Performing forensic analysis on physical, virtual and distributed devices.
  • Producing accurate, evidence-based, high quality reports and presentations.
4. DELIVERABLES
The supplier will provide an information systems programmer/application developer. All deliverables created under this SOW will be non-branded: these deliverables will be prepared in conjunction with Systems and are intended to be treated solely as Systems' property. Systems will review such deliverables, revise them as Systems deems appropriate, approve them prior to use and take full responsibility for their content. Deliverables will include the following items and other items as needed and agreed with the consultant:
  • Global enterprise incident response, intrusion detection, analysis, reporting

5. PROGRESS AND COMPLIANCE
Progress will be measured through the analyst's performance in several areas including:
  • Punctuality.
  • Analysis of suspicious events to include making recommendations based on security best practices.
  • Ability to work as a team member in a diverse, fast paced environment.

If qualified and interested, please send your most current resume as a Word document to Jason Weinstein at jason.weinstein@mondo.com

 
Jason Weinstein
Technical Recruiter, Mondo
P: 646-230-0876
Philadelphia, PA 19103

www.mondo.com