JobHire
face icon
Register to automatically apply for this and similar jobs
Register
star

Host-Based Systems Analyst

Node.Digital

Arlington, virginia


Job Details

Full-time


Full Job Description

Host-Based Systems Analyst

Location: Arlington, VA

Must have an active Top Secret Security Clearance

Node provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based, and cloud-based cybersecurity analysis capabilities. Team personnel provide front-line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity.

We are seeking Cyber Network Defense Analysts (CNDA) withCloud Forensics experience to support this critical customer mission.

Responsibilities:

- Acquire/collect computer artifacts and logs in support of onsite and remote engagements

- Triage electronic devices and assess evidentiary value

- Correlate forensic findings to network events in support of developing an intrusion narrative

- Collect and document system state information (e.g. running processes, network connections) prior to imaging, as required

- Perform forensic triage of an incident to include determining scope, urgency, and potential impact

- Track and document forensic analysis from initial participation through resolution

- Collect, process, preserve, analyze, and present computer-related evidence

- Coordinate with Government staff and customer personnel to validate/investigate alerts or additional preliminary findings

- Conduct analysis of forensic images, and available evidence in support of forensic write-ups for inclusion in reports and written products

- Support cloud development and automation projects to enhance threat emulation capabilities

- Assist in documenting Computer Network Defense (CND) guidance and create reports pertaining to incident findings.

Requirements

Required Skills/Clearances:

- U.S. Citizenship

- Active TS/SCI clearance

- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability

- 10+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools

- In-depth understanding of SaaS, PaaS, and IaaS in the Cloud Environment

- Ability to create forensically sound duplicates of evidence (forensic images)

- Ability to author cyber investigative reports documenting digital forensics findings

- Proficiency with analysis and characterization of cyber attacks

- Knowledge of cloud development and automation tools such as Terraform, Kubernetes, AWS CloudFormation, Azure Resource Manager, and Docker.

- Skilled in identifying different classes of attacks and attack stages

- Understanding of system and application security threats and vulnerabilities

- Understanding of proactive analysis of systems and networks, including creating trust levels of critical resources

Desired Skills:

- Knowledge of strategies/architectures involved in implementing M365/Azure authentication, how these relate to a federated identity solution, and a fundamental understanding of how threat actors would target identity to compromise an environment

- Advanced experience and proficiency across various aspects of IT operations (e.g. networking, virtualization, identity, security, business continuity, disaster recovery, data management, governance)

- Experience and understanding in the acquisition, processing, and analysis of digital evidence from onsite enterprises and cloud-native platforms

- Fundamental understanding of APIs and proficiency with PowerShell/PowerShell modules leveraged to conduct API queries as they relate to Azure/M365

- Proficiency with scripting languages (e.g. Bash, Python, PowerShell, JS) for automation of hunt tools used in commercial cloud environments

- Ability to develop tools, architecture, and configurations in Azure environment to support identifying threat actor activity.

- Understanding of how Azure/M365 platform protection is implemented and security operations available

Required Education:

BS Computer Science, Cybersecurity, Computer Engineering, or related degree; or HS Diploma & 4-6 years of host or digital forensics experience.

Desired Certifications:

- One or more of the following certifications: GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS certifications, Microsoft Azure associated certifications.

Company Overview:

Node. Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.

Our Core Values help us in our mission. They include:

OUR CORE VALUES

Identifying the~RIGHT PEOPLE~and developing them to their full capabilities

Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner

We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence

Our mantra is “~Simple*Secure*Speed~” in the delivery of innovative services and solutions.

Benefits

We are proud to offer competitive compensation and benefits packages to include:

  • Medical
  • Dental
  • Vision
  • Basic Life
  • Long-Term Disability
  • Health Saving Account
  • 401K
  • Three weeks of PTO
  • 10 Paid Holidays
  • Pre-Approved Online Training

Get 10x more interviews and get hired faster.

JobHire.AI is the first-ever AI-powered job search automation platformthat finds and applies to relevant job openings until you're hired.

Registration