Previous Job
Previous
Incident Response Analyst
Ref No.: 18-03644
Location: Reston, Virginia
Position Type:Direct Placement
Pay Rate : $ 120,000.00 - 170,000.00 /Year
Responsibilities:
  • Proactively search through network, system, and log data to find and identify undetected threats
  • Analyze threat intelligence (e.g. actors, hack tools, exploits, malware, etc.) and determine techniques, tactics, and procedures of Threat Actors
  • Analyze events/data feeds for event detection, correlation from monitoring solutions, triage and classify the output using automated systems for further investigation
  • Translate analytical findings into security use cases that can be communicated to the security engineering team
  • Assist in vulnerability identification, correlation and remediation
  • Provide mentoring and training to the larger Information Security team in threat hunting, advanced analysis, IR techniques, and threat intelligence
  • Execute processes within all activities within the security Incident response lifecycle
  • Lead efforts in improvement/development of process/procedure manuals and documentation for incident response, threat intelligence, advanced persistent threat detection and vulnerability analysis
  • Develop communication channels with technology owners and the business to evangelize the evolving threat landscape
Requirements:
  • 10+ years' overall industry experience
  • 5 years in an incident response capacity
  • Experience with packet analysis of TCP and UDP protocols
  • Complex event correlation techniques
  • Experience with common operating systems, both from a forensic and threat hunting point of view
  • Experience working with/using correlation tools such as log aggregation tools or a SIEM for analysis
  • Ability to recognize common attack vectors such as, recon scans, botnet, malware, command and control activity (C2), worms, trojans, and viruses
Pluses:
  • Certifications: GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Intrusion Analyst (GCIA), CISSP
  • Experience with the reverse engineering and analysis of malware
  • Experience with the writing use cases to identify insider threat activity
  • Ability to write and or update scripts to help automate routine issues
  • Ability to communicate effectively with senior leadership of the organization