Tier 3 Incident Response Senior Analyst

About The Position

Requirements

• Three years of incident response experience.
• Active TS/SCI (DoD TOP SECRET clearance with Sensitive Compartmented Information access) eligibility is required.
• Associate's degree in a Computer Science, Information Technology, Information Systems, or Computer Engineering field; OR five (5) years of relatable work experience.
• DoD 8570 IAT Level II certification.
• DoD 8570 CSSP Incident Responder certification (or be able to obtain within 180 days).

Responsibilities

• Collect and analyze network and host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and mitigation of cyber threats within the Enterprise Network through the investigation process.
• Conduct forensic analysis of device timeline, device memory, file systems, and packet captures (pcap) - Digital Forensics & Incident Response (DFIR).
• Manage and document cyber defense incidents from initial detection through final resolution.
• Perform quality assurance on routine cyber incident reporting to ensure accuracy and compliance to policies and procedures.
• Make recommendations for alert tuning and creation of new detection use cases from information gathered during response to new techniques observed on the network.
• Mentor junior analysts and guide them through the investigation process as necessary.
• Develop and refine curriculum for the supported customer's Incident Response Course.
• Assist in instructing an Incident Response Course.

Benefits

• Paid relocation assistance
• Competitive paid vacation package with 11 paid federal holidays
• High-quality, low-deductible healthcare plans
• Pet insurance
• Competitive 401K package