Cyber Incident Responses Engineer - Analyst

Prince William County, VA
Dec 07, 2018
Dec 10, 2018
Analyst, Engineer
Full Time
Functional Responsibilities:
- Familiar with industry-standard malware reverse analysis methodologies.
- Possess knowledge of various malware encryption and compression/packing methodologies and of the weaknesses in protective encryption.
- Ability to provide malware threat research on new attacks and exploits.
- Ability to script (e.g. Python and/or Perl) and automate tasks, and to perform analysis of malware-based covert channels and command-and-control protocols.
- Apply the proper techniques and procedures to the identification, collection, examination and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data.
- Provide computer forensic support to high-technology investigations in the form of evidence seizure, computer forensic analysis, and data recovery.
- Able to work with data from different feeds, such as Intrusion Prevention, SIEM, Anti-Virus, Firewall, Router and Switch event logs.

Required Skills:
- Ability to communicate effectively through oral and written communications.
- Ability to deliver technical briefings to the incident response team, senior management, and at watch floor turnover.
- To ensure a consistent and reliable incident response service, SOC team members must be prepared to accept and follow the rules and guidelines, even if these are not fully documented and regardless of whether the staff member personally agrees with them.
- SOC members must be able to work in a team environment as productive and cordial team players. CSIRT staff need to be aware of their responsibilities, contribute to the goals of the team, and work together to share information, workload, and experiences.
- Team members must be flexible and willing to adapt to change, and need the team skills to interact with other parties such as members of other incident response teams and other members of the organization, including IT staff, site security officers, and network operators.
- Knowledge of SOC tools and dashboards, including SIEM, Firewalls, Anti-virus, Network Devices, Vulnerability Scan data, IDS/IPS alerts, event logs, Malware Identification and reverse engineering, Data Loss Prevention, and Insider Threat Monitoring (Intelligent ID).
- Ability to handle stressful situations as they pertain to SOC operations.
- Excellent problem-solving and technical skills.
- Must be a US citizen and able to pass, or currently hold, a background investigation or government clearance appropriate to the level of the SOC environment.
- Must have a certification that meets the Cyber Workforce Management Program. The positions below and their DoD Approved Baseline Certifications:

CSSP Analyst: EC-Council CEH, CySA, CFR, CCNA Cyber Ops, SCYBER, GCIA, GCIH, GICSP
CSSP Incident Responder: EC-Council CEH, CFR, CCNA Cyber Ops, CySA, GCFA, GCIH, SCYBER
CSSP Manager: CISSP-ISSMP, CISM