Washington, District of Columbia (DC) · Information Technology
GCyber is seeking an experienced Incident Response Analyst to support our Department of Homeland Security customer.
This position requires the candidate to actively hold a DoD Top Secret security clearance with SCI eligibility. Job Description: The candidate shall support the Security Operations Command across a large enterprise environment. The Candidate shall perform duties related, but not limited to incident Response, Cyber Security Malware analysis, and Digital Forensics analysis. Specific responsibilities include:
Provide situational awareness and readiness reporting for the customer program leadership.
Support coordination and information collection related to incidents, investigations, Task Orders, and other communications within DOD and DHS.
Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
Identify potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
Maintain IDS signatures and policies.
Be able to modify/add custom IDS policies and signatures to account for lack of monitoring in threat areas as warranted by threat changes, such as zero-day attacks. This includes the use of Sourcefire rules.
Identify misuse, malware, or unauthorized activity on monitored networks.
Analyze and solve problems related to network, system, forensic and malware analysis.
Evaluate firewall change requests and assess organizational risk.
Assists with the implementation of counter-measures or mitigating controls.
Initiate computer incident handling procedures to isolate and investigate potential network information system compromises.
Ensure documentation is updated and maintained.
Travel from DC to Virginia will be required as necessary.
Demonstrate expert-level knowledge of DOD and industry accepted policies, standards, best practices, and regulations related to Cyber Security CND
Experience with SEIM solutions, Log collection analytics, Host base IDS/IPS (endpoint security), and Email Security, Web security
Knowledge of industry-accepted standards and best practices related to incident response operations.
Demonstrate basic analytical and problem-solving skills related to network, system, forensic and malware analysis.
Analysis of PCAP data and packet reconstruction
Experience with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, Security Event and Incident Management (SEIM), Antivirus, Network Packet Analyzers, Security Systems Manager, malware analysis, forensics tools, and reverse engineering.
Demonstrated knowledge in information technologies to include computer hardware and software, operating systems, and networking protocols.
Experience with Linux and Windows operating systems.
Knowledgeable on computer evidence seizure, computer forensic analysis, development and/or analysis, interpretation, and compliance with federal and agency IT security policies and regulations.
Shift Hours: 9am-6pm Mon-Fri with some holiday/weekend as needed
Clearance: Must have a Top Secret clearance/SCI to start. Will be subject to passing CI Poly
Education/Years of Experience: Must have 7 years of relative experience and BS degree.
Certifications: Must be IAT III and CND IR compliant (CISSP/CASP, CEH)
As a contingency to employment at GCyber, all candidates who are given offers must successfully pass a full background investigation including criminal history, education and employment verifications.
About GCyber: GCyber is an information technology services company that was founded to create innovative forward-leaning solutions to enhance the capabilities of our customers. GCyber engineers have satisfied the technology needs of the U.S. Government for over 20 years. We maintain relationships with key researchers, scholars, and analysts who have specialized expertise in the federal market. GCyber’s broad experience, focus toward desired outcomes, and commitment to innovation ensures responsive and long-lasting results.
This position requires the candidate to actively hold a DoD Top Secret security clearance with CI Poly.
For more information about GCyber please visit our website at http://www.gcyber.com. Also please stay in touch and track future job openings by following us on LinkedIn http://www.linkedin.com/company/gcyber. By submitting your resume for this position, you understand and agree that GCyber may share your resume, as well as any other related personal information or documentation you provide, with its partners and affiliated companies for the purpose of considering you for other available positions. GCyber is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identify, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.