Cyber Security Analyst
Locations:
Washington, D.C.
Apply for this position:
To apply for this position, send a Microsoft Word copy of your resume to:
Description:
Support cyber investigative capability, responding to threats to information and information infrastructure such as remote network intrusion, insider access, and/or supply chain attacks. Personnel shall demonstrate proper use of the internet, associated rules of law, proper methods to support the collection of evidence, and perform forensic analysis to support cyber investigative activities. Personnel shall have access to all the latest standard investigative and forensic tools and be familiar with their implementation. Personnel shall also be familiar with tools associated with the identification of anomalous behavior on the network which may be indicative of insider activity.
• Develop Insider Threat Detection and Cyber Investigations Strategy
• Investigate indicators of insider activity on the network (via audit log analysis and active replay capabilities)
• Investigate indicators of network (wired/wireless) intrusions
• Investigate indicators of supply chain attacks involving resources
• Collaborate with key investigative efforts, returning the latest intelligence
• Identify adversarial tactics, techniques, and procedures (TTPs) to support predictive analysis
• Conduct review of host security, login, web, IDS, firewall, IPS, domain logs
• Conduct technical interviews
• Conduct computer search and seizure
• Conduct imaging, forensic analysis/data acquisition (FRED, Log Collector, Q-Tip)