Today
Secret
Unspecified
CI Polygraph
IT - Security
Washington, DC (On-Site/Office)
Job Description
ECS is seeking a Cyber Defense Incident Responder (SME) to work in our Washington, DC or Clarksburg, WV office. Please note: This position is contingent upon contract award.
ECS is seeking a qualified Cyber Defense Incident Responder (SME) to support cybersecurity operations for the Federal Bureau of Investigation. You will provide leadership and cyber SME support for the Digital Forensics and Incident Response (DFIR) Team, playing a crucial role in the FBI's cybersecurity defense strategy.
The DFIR team is responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation. The team will meticulously gather and analyze extensive datasets to bridge informational gaps associated with cyber-attacks. This involves identifying perpetrators, understanding their intrusion methods, and meticulously documenting the precise sequence of actions that compromise system integrity.
Responsibilities
- Assist in analyzing alerts, identifying true positives, and prioritizing incidents based on severity and impact.
- Conduct forensic analysis on systems and networks to determine the scope and impact of security incidents.
- Work with the watch floor to develop and refine incident response plans.
- Analyze threat intelligence feeds, indicators of compromise (IOCs), and TTPs (Tactics, Techniques, and Procedures) to identify and respond to emerging threats.
- Conduct a thorough post-incident analysis to identify root causes and vulnerabilities.
- Conduct regular joint training exercises and tabletop simulations to help strengthen coordination.
- Participate in red teaming exercises to simulate real-world attacks and identify areas for improvement.
- Possess deep expertise in a variety of operating systems, including advanced knowledge of Windows, Linux, and macOS, enabling effective analysis and response across diverse technical environments.
- Exhibit a profound understanding of intricate network protocols and technologies, facilitating strategic assessments of complex network incidents and vulnerabilities.
- Highly skilled in advanced malware analysis techniques, capable of devising and executing targeted threat mitigation strategies tailored to specific organizational needs.
- Possess specialized knowledge in forensic imaging and data recovery techniques, employing innovative methodologies to effectively preserve and analyze digital evidence.
- Possess comprehensive knowledge of advanced persistent threats (APTs), including strategic foresight regarding their tactics, techniques, and procedures (TTPs) and corresponding countermeasures.
- Demonstrate advanced proficiency in a range of digital forensics tools, such as EnCase and FTK, while evaluating and implementing emerging technologies to enhance investigative capabilities.
- Mentor and develop junior staff, enhancing the overall capabilities of the DFIR team and promoting a culture of continuous improvement and excellence.
Salary Range: $160,000 - $200,000
Required Skills
- Must have a current Top-Secret Clearance with the capability of obtaining SCI / CI-Poly if needed to meet contract requirements
- Expert experience with Splunk Enterprise Security.
- Must currently live within commuting distance to Washington, DC; OR Clarksburg, WV or be willing to relocate.
- Ability to work independently and as part of a team.
- 15+ years of relevant experience; OR
- Experience with Axiom Forensics Suite
- One or more of the following active Certifications (or similar):
- GIAC Continuous Monitoring Certification (GMON)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Cloud Threat Detection (GCTD)
- GIAC Cloud Forensics Responder (GCFR)
- GIAC Advanced Smartphone Forensics Certification (GASF)
- GIAC Mobile Device Security Analyst (GMOB)
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
group id: 10112231A