Farfield Systems - Arlington, VA

posted 5 days ago

Full-time
Arlington, VA
Professional, Scientific, and Technical Services

About the position

The Host Based Systems Analyst 4 position is part of the DHS's Hunt and Incident Response Team (HIRT), which is responsible for securing the Nation's cyber and communications infrastructure. The role involves providing advanced technical assistance, conducting forensic investigations, and proactively hunting for malicious cyber activity. Analysts will work both remotely and onsite to respond to cyber incidents, ensuring effective incident response and resolution through host-based and network-based cybersecurity analysis capabilities.

Responsibilities

  • Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
  • Providing technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary
  • Writing in-depth reports, supporting with peer reviews and providing quality assurance reviews for junior personnel
  • Supporting forensic analysis and mentoring/providing guidance to others on data collection, analysis and reporting in support of onsite engagements
  • Assisting with leading and coordinating forensic teams in preliminary investigation
  • Planning, coordinating and directing the inventory, examination and comprehensive technical analysis of computer related evidence
  • Distilling analytic findings into executive summaries and in-depth technical reports
  • Serving as technical forensics liaison to stakeholders and explaining investigation details to include forensic methodologies and protocols
  • Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement
  • Traveling to incident response locations in the United States, Territories & Possessions
  • Evaluating, extracting and analyzing suspected malicious code

Requirements

  • U.S. Citizenship
  • Must have an active TS/SCI clearance
  • Must be able to obtain DHS Suitability
  • 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools
  • Ability to create forensically sound duplicates of evidence (forensic images)
  • Able to write cyber investigative reports documenting digital forensics findings
  • Experience with the analysis and characterization of cyber attacks
  • Experience with proper evidence handling procedures and chain of custody protocols
  • Skilled in identifying different classes of attacks and attack stages
  • Knowledge of system and application security threats and vulnerabilities
  • Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources
  • Must be able to work collaboratively across physical locations.

Nice-to-haves

  • Experience with or knowledge of two or more of the following tools: EnCase, SIFT, X-Ways, Volatility, Wireshark, Sleuth Kit/Autopsy, Magnet Axiom Cyber, Snort, Splunk or other SIEM tools (ArcSight, LogRhythm, Elastic, etc.), other EDR tools (CrowdStrike, MDE, Trellix, etc.)
  • Proficiency with conducting all-source research.