Vacancy expired!
Longeviti LLC is searching for a Computer Forensic and Intrusion Analyst (Senior). Longeviti is a government contractor specializing in providing professional support services in the fields of information technology, program management, agency administration, intelligence analysis, language translation, culture immersion, and serving as opposing forces/role players. We are a certified 8(a) and small disadvantaged business that excels in the market, having earned our status as an ISO 9001 certified provider of services, and are rated as CMMI Level 3 in both Development and Services. Quality and continuous improvement are basic tenets of the organization, and giving our staff the tools to make it happen is a trademark. Customer satisfaction is paramount.
Longeviti seeks a Computer Forensic and Intrusion Analyst (Senior) to provide mission support to the Department of Defense Cyber Crime Center (DC3). This position will be a Senior Cybersecurity Intelligence Analyst for the DoD/Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE).
SECURITY CLEARANCE:
- Must have an active Secret security clearance. Only candidates with a current Secret clearance will be considered.
- Due to federal security clearance requirements, applicant must be a United States Citizen.
- Author strategic and tactical cyber threat reports that detail threats to the Defense Industrial Base for DIB and US Government partner consumption
- Candidates should have a strong background tracking Advanced Persistent Threat (APT) activity and associated Tactics, Techniques and Procedures (TTPs) that threaten data and information systems
- Products ultimately contribute to network defense and cyber threat awareness
- Experienced in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection
- Experience with Domain Name Service records
- Experienced with Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
- Experience with intelligence analysis methods: developing hypotheses, proving/disproving relationships, always asking why, defending your analysis, and applying attribution to cyber threat activity
- Experience with confidence-based assessments for purposes of attribution, based on technical analysis of network traffic, multi-source data, malware, and system forensic analysis
- Experienced presenting technical information and analysis to groups up to 50 persons on a quarterly basis and experience briefing smaller groups up to 10 persons on a weekly basis
- Minimum of five years of experience tracking and profiling APT groups
- Comprehensive understanding of APT TTPs and indicators of compromise (IOC)
- A working understanding of cyber threat intelligence platforms to collect and correlate cyber threat information
- Deep understanding of operating systems: file structures, processes, services, and application execution
- Understanding of malware functionality and of static and dynamic analysis; ability to identify IOCs and attributes; understanding of signatures
- Experience writing detailed threat reports, based on own analytic initiative and using multi-source intelligence and narrative analysis, that lead to a supported conclusion
- Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model and MITRE ATT&CK
- Experience performing focused research and analysis to write complete, accurate, relevant, and timely cyber threat intelligence reports to support network defense
- Ability to create and present compelling briefings to relay relevant cyber threat information to technical and non-technical audiences
- Flexibility to adapt to changing priorities and tight timelines
- Experience with basic usage of scripting languages such as Python, PowerShell, and Bash for automation and data analysis
- Two to four years SOC experience
- Several years of IC experience
- Expertise with VirusTotal Intelligence, DomainTools Iris
- Industry certifications: CEH, GCTI, GOSI, OSCP, GCED, GDAT, GDSA, GRID, GEVA, GPEN, GXPN
- Ability to develop YARA or Snort signatures
- Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others.
- Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master’s degree.