Host Based System Analysts / Host Forensics Analysts
Location: Arlington, VA
Experience: 8+ years
Must have an active Top Secret Clearance:
Node as a prime contractor to DHS, performs HIRT investigations to develop a preliminary diagnosis of the severity of breaches. Node provides HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Contract personnel provide front-line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity.
Node is seeking Host Forensics Analysts to support this critical customer mission.
Responsibilities:- Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations- Providing technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary- Writing in-depth reports, supporting with peer reviews and providing quality assurance reviews for junior personnel- Supporting forensic analysis and mentoring/providing guidance to others on data collection, analysis and reporting in support of onsite engagements.- Assisting with leading and coordinating forensic teams in preliminary investigation- Planning, coordinating and directing the inventory, examination and comprehensive technical analysis of computer-related evidence- Distilling analytic findings into executive summaries and in-depth technical reports- Serving as technical forensics liaison to stakeholders and explaining investigation details including forensic methodologies and protocols- Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement- Evaluating, extracting and analyzing suspected malicious code
Requirements
Required Skills:
- U.S. Citizenship- Must have an active TS/SCI clearance- Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools- Ability to create forensically sound duplicates of evidence (forensic images)- Able to write cyber investigative reports documenting digital forensics findings- Experience with the analysis and characterization of cyber attacks- Experience with proper evidence handling procedures and chain of custody protocols- Skilled in identifying different classes of attacks and attack stages- Knowledge of system and application security threats and vulnerabilities- Knowledgeable in proactive analysis of systems and networks, including creating trust levels of critical resources- Must be able to work collaboratively across physical locations.
Desired Skills:- Experience with or knowledge of two or more of the following tools:--- EnCase--- FTK--- SIFT--- X-Ways--- Volatility--- Wireshark--- Sleuth Kit/Autopsy--- Splunk--- Snort--- Other EDR Tools (Crowdstrike, Carbon Black, Etc)- Proficiency in conducting all-source research.
Required Education:BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics experience
Desired Certifications:- GCFA, GCFE, EnCE, CCE, CFCE, CISSP
Company Overview:Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.Our Core Values help us in our mission. They include:OUR CORE VALUES**Identifying the~RIGHT PEOPLE~and developing them to their full capabilities****Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner****We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence****Our mantra is “~Simple*Secure*Speed~” in delivery of innovative services and solutions**
Benefits