Today
Top Secret
Unspecified
Unspecified
Finance
Arlington, VA (On-Site/Office)
Tyto Athene is searching for a Senior Digital Forensics Incident Response Analyst to support our customer in Arlington, Virginia.
Responsibilities:
* Utilize state-of-the-art technologies such as EDR, SEIM, and full packet capture to perform hunt and investigative activity to examine endpoint and network-based activity
* Conduct host and network forensics, log analysis, triage, and malware analysis in support of incident response
* Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes
* Contribute to rule and signature creation for cybersecurity tools
* Lead IR activities and provide regular incident updates to key stakeholders and executive leadership
* Serve as the primary incident point of contact with customer, third-party vendors, and other external parties
* Work with key stakeholders to implement remediation plans in response to incidents
* Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership
* Capture cybersecurity metrics in direct support to regular tactical and executive-level briefings (daily, weekly, monthly, quarterly, annual, and ad hoc)
* Create IR and forensics reports documenting findings, detailed analysis, recommendations, and lessons learned.
* Act as a technical escalation point for SOC Watch Floor and mentor junior staff
* Author Standard Operating Procedures (SOPs) and training documentation when needed
Required:
* Bachelor's degree in computer science, Information Technology, or related field and 6 years of relevant experience or a Masters degree and 2 years
* Experience with EDR and SIEM technologies
* Advanced knowledge of TCP/IP protocols
* Knowledge of Windows and Linux operating systems
* Understanding of MITRE ATT&CK and D3FEND
* Knowledge of advanced attacker tools, techniques, and procedures (TTP)
* Current malware campaigns TTPs
* Experience with malware analysis
* Experience with digital forensics tools and case procedures
* Deep packet and log analysis
* Knowledge of enterprise architecture including zero trust principles
* Common phishing techniques and how to investigate them
* Proficiency in technical writing
* Experience in customer service or client-facing roles
* Experience presenting and speaking to leadership
* The ability to mentor Tier 1 and Tier 2 analysts
Desired:
* Working knowledge of regex and scripting languages is highly preferred
* Additional relevant certifications such as those from GIAC or CompTIA
* Experience with major cloud service provider offerings
* Knowledge of offensive security tools and techniques
* Experience with cyber threat intelligence gathering and analysis
* Experience with cyber threat hunting
Clearance: Active Top Secret required. Top Secret w/ SCI eligibility preferred.
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
Compensation:
• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $130K-$140K. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
Benefits:
• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?
Tyto Athene is an Equal Opportunity Employer and fully complies with all EEOC regulations. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Responsibilities:
* Utilize state-of-the-art technologies such as EDR, SEIM, and full packet capture to perform hunt and investigative activity to examine endpoint and network-based activity
* Conduct host and network forensics, log analysis, triage, and malware analysis in support of incident response
* Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes
* Contribute to rule and signature creation for cybersecurity tools
* Lead IR activities and provide regular incident updates to key stakeholders and executive leadership
* Serve as the primary incident point of contact with customer, third-party vendors, and other external parties
* Work with key stakeholders to implement remediation plans in response to incidents
* Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership
* Capture cybersecurity metrics in direct support to regular tactical and executive-level briefings (daily, weekly, monthly, quarterly, annual, and ad hoc)
* Create IR and forensics reports documenting findings, detailed analysis, recommendations, and lessons learned.
* Act as a technical escalation point for SOC Watch Floor and mentor junior staff
* Author Standard Operating Procedures (SOPs) and training documentation when needed
Required:
* Bachelor's degree in computer science, Information Technology, or related field and 6 years of relevant experience or a Masters degree and 2 years
* Experience with EDR and SIEM technologies
* Advanced knowledge of TCP/IP protocols
* Knowledge of Windows and Linux operating systems
* Understanding of MITRE ATT&CK and D3FEND
* Knowledge of advanced attacker tools, techniques, and procedures (TTP)
* Current malware campaigns TTPs
* Experience with malware analysis
* Experience with digital forensics tools and case procedures
* Deep packet and log analysis
* Knowledge of enterprise architecture including zero trust principles
* Common phishing techniques and how to investigate them
* Proficiency in technical writing
* Experience in customer service or client-facing roles
* Experience presenting and speaking to leadership
* The ability to mentor Tier 1 and Tier 2 analysts
Desired:
* Working knowledge of regex and scripting languages is highly preferred
* Additional relevant certifications such as those from GIAC or CompTIA
* Experience with major cloud service provider offerings
* Knowledge of offensive security tools and techniques
* Experience with cyber threat intelligence gathering and analysis
* Experience with cyber threat hunting
Clearance: Active Top Secret required. Top Secret w/ SCI eligibility preferred.
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
Compensation:
• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $130K-$140K. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
Benefits:
• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?
Tyto Athene is an Equal Opportunity Employer and fully complies with all EEOC regulations. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
group id: 91085617
