Base One Technologies - Arlington, VA

posted 2 months ago

Full-time - Senior
Arlington, VA
Professional, Scientific, and Technical Services

About the position

The Host Based Systems Analyst - IV - SME position at Base One Technologies involves advanced cyber forensic analysis and network investigations. The role requires a senior-level professional with extensive experience in identifying and mitigating security threats, analyzing network traffic, and providing technical guidance to stakeholders. The analyst will be responsible for performing event correlation, assessing network security, and documenting incident response activities, all while ensuring compliance with security policies and regulations.

Responsibilities

  • Perform event correlation using information gathered from various sources to gain situational awareness and assess attack effectiveness.
  • Assess network topology and device configurations to identify critical security concerns and provide best practice recommendations.
  • Collect network intrusion artifacts and use the data to mitigate potential incidents.
  • Analyze network device integrity data for signs of tampering or compromise.
  • Analyze malicious network and system log activity to determine exploited weaknesses and methods.
  • Track and document on-site incident response activities, providing updates through executive summaries and technical reports.
  • Plan, coordinate, and direct the examination and analysis of computer-related evidence.
  • Serve as a technical forensics liaison to stakeholders, explaining investigation details.

Requirements

  • U.S. Citizenship is required.
  • Active Secret clearance (TS/SCI eligible) and ability to obtain DHS Suitability.
  • 8+ years of directly relevant experience in cyber forensic and network investigations using advanced technologies and forensic tools.
  • Experience in reconstructing malicious attacks or activities.
  • Ability to analyze network traffic and identify anomalous activity or potential threats.
  • Ability to create forensically sound duplicates of evidence.
  • Proficient in writing cyber investigative reports documenting forensic findings.
  • In-depth knowledge of attack classes, CND policies, and system vulnerabilities.
  • Experience with Splunk or other SIEMs, and vulnerability scanning tools.

Nice-to-haves

  • Experience with forensic tools such as EnCase, FTK, SIFT, and Wireshark.
  • Proficiency with EDR tools like CrowdStrike and Carbon Black.
  • Experience in carving and extracting information from PCAP data.
  • Knowledge of non-traditional network traffic and evidence preservation standards.
  • Experience designing cybersecurity systems in a Linux environment.
  • Familiarity with virtualized environments and conducting all-source research.
© 2024 Teal Labs, Inc