Job Description: Plan and investigate cyber incidents including establishing cyber incident cases: Set up a response plan with procedures. Focus and coordinate with I&W to focus on incident prevention. Incident prevention is especially important in order to reduce the seriousness of a cyber incident.
Incident management: detect potential/actual issues; contain the event, especially when related to malware installed on servers; remediate including eradication of malware; recover from the event and restore systems to full functionality; perform computer security incident response activities for a large organization, coordinate with other government agencies to record and report incidents. Monitor & analyze Intrusion Detection Systems (IDS) to identify security issues for remediation. Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information. Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications & operating systems. Assist with implementation of counter-measures or mitigating controls. Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices. Perform periodic and on-demand system audits and vulnerability assessments including user accounts, application access, file system and external Web integrity scans to determine compliance. Prepare incident report of analysis methodology and results.
* Work to be performed in the Springfield, VA area*
The Cyber Threat
Analyst Staff must have a minimum of 3 or more years
of cyber security experience (DoD 8570 requirement). For
8570 Compliance, must have or be able to obtain CEH, GICA or GCIH within 6
be able to satisfy requirements for Computer Network Defense (CND) Analyst,
Infrastructure Support, Incident Responder, and Auditor positions in
accordance with the ND 50-05 (IAWEP) guidance.
* Advanced use of forensic
* Investigating advanced persistent
threat (APT), hacker/breach investigations, intrusion analysis, and advanced
* Computer forensics methodology. * In-depth Windows FAT and exFAT file