Job Details

ID #15652053
State: District of Columbia
City: Washington
Job type: Permanent
Salary: USD, depends on experience
Source: JPI Technology
Shown: 2021-06-20
Date: 2021-06-09
Deadline: 2021-08-08
Category: Miscellaneous

Govt: Digital Forensics and Malware Analysis (F&MA)

Distrito de Columbia, Washington 00000 Washington USA

Vacancy expired!

Govt: Digital Forensics and Malware Analysis (F&MA) - US Citizen (3 Positions)

Work Location: N.E. Washington DC
Duration: 5 years
Interview: Phone & Webex / Cam
Certifications: Any security related active cert will work.

Clearance: Public Trust background check with finger-printing and drug screening

Skills: IR (incident response), digital forensics, malware, iOS & Android, SOC or Security Operations, NIST 800-181 or 800-53.

Digital forensics and malware analysts support the incident triage process through the examination and analysis of digital evidence and artifacts. The Contractor shall use a variety of tools to investigate incidents and take immediate action or recommend a course of action to safeguard the U.S. Courts' system. This is not a law enforcement or intelligence community activity.

The Contractor shall coordinate and collaborate with the Intrusion Detection and Incident Response Teams to assist in the containment, eradication and recovery of incidents, and facilitate the development of new signatures and indicators to prevent future attacks against the client.

While Digital Forensics is not a 24/7 operational function, the contractor shall provide support to 24/7 operations as directed by the COR and/or SOC Chief. This may require recall of staff at any point to support on-going investigations or response actions.

The Contractor shall perform the following tasks to support digital forensics and malware analysis:

a. Conduct immediate host-based and network-based forensic examinations on security incidents as they arise to determine the root cause and to reconstruct a timeline of events to facilitate incident response and recovery. Reverse engineer and deconstruct malware to extract relevant indicators of compromise and to provide a detailed understanding of the inner mechanisms of the malware for threat attribution and future detection. All examination data will be reported in the Forensics Case Management System, and relevant findings will be documented in the SOC ticketing system.

b. Conduct malware analysis and reverse engineering as directed in a safe and secure Government environment in accordance with the Forensics and Malware Analysis Operations Guide to determine: how the malware functions; any attribution to its creation or deployment; timeline of effects; purpose of the malware; and what indicators can be used to facilitate detection and eradication. Ensure all findings are properly documented, reported, indexed, and searchable. Maintain a list of "known bad" file and network indicators. The Forensics and Malware Analysis Operations Guide will be provided upon award.

c. Conduct forensic collection and analysis of all Judiciary supported devices, including but not limited to Linux, Windows, and Apple workstations, servers, as well as iOS and Android mobile devices, both online and offline, in support of the SOC Incident Response process. Ensure all evidence is handled in accordance with all federal regulations and requirements for chain of custody, and all findings are appropriately documented and submitted in the Forensic Case Management System.

d. Provide clear and concise support to the customer. Communicate all findings in a clear and concise manner through written and verbal reporting to SOC management, other SOC teams and affected parties. Ensure all communications adhere to strict non-disclosure policies and procedures established in the SOCIRP and the Forensics and Malware Analysis Operations Guide.

e. Coordinate and provide direct support to the incident response process, utilizing forensic information to support incident response and recovery. Provide subject matter expertise to facilitate containment and eradication of threats and assist in developing the course of action for incident recovery.

f. Document all communications and actions in the SOC ticketing system in response to assigned incidents. Ensure tickets are properly updated in a timely manner and all artifacts are included. Escalate any concerns or requests through management as necessary.

g. Directly support the STAR and be prepared to provide resources that may deploy on-site to provide incident response support for critical security incidents. STAR staff must be ready to travel anywhere within the United States and its territories within 24 hours of notification, with the necessary tools (provided by the Government), and be able to stay on site until the investigation/mission is complete. Please note that the SOC must continually be staffed at the minimum levels required even during STAR staff travel.

h. Perform appropriate event escalation for events, notifications, and non-responsiveness from customers. Contractors will track all notifications and escalate tickets to Watch Officers or SOC management in cases where the customer is non-responsive or requires clarification that is outside the scope of normal operations. Contractors will be familiar with the SOCIRP escalation and reporting procedures.

i. Test new versions of forensic software for forensic validity before use in the production environment. Validate, document, and test new versions of forensic suites and software for validity and correctness during analysis and reporting. Establish, document, and revise Standard Operating Procedures (SOPs) for use of specific versions of forensic software. Establish general SOPs for ingest, analysis, and reporting. The federal management staff will review, approve, and authorize the provided SOPs. All SOPs and Op Guides are federal government property. Contract staff provide recommendations in draft form for federal management review, approval and adoption.

j. Digital Forensics Technicians must be able to perform the tasks and meet the skills, knowledge and abilities as described in NIST Special Publication 800-181 / 800-53.
