19 Sep
Digital Forensics Analyst/Incident Responder
Maryland, Crownsville , 21032 Crownsville USA

Vacancy expired!

About DMI DMI (Digital Management, LLC.) is a global technology solutions company that specializes in digital strategy, design, transformation and support. Utilizing expertise from six unique DMI Groups, in the areas of AI & Analytics, Commerce, Experience, Managed Services, Transformation, and Government, DMI delivers intelligent digital transformation solutions that meet organizations where they are. Born digital, DMI has been delivering mission-critical, enterprise grade solutions since 2002 for over a hundred Fortune 1000 enterprises and all fifteen U.S. Federal Departments. DMI has grown to 2,000+ employees globally and has been continually recognized by top industry analysts as market leader as well as a Top Place to Work by the Washington Post. DMInc.com | Careers | Twitter | LinkedIn | Facebook About the Opportunity DMI (Digital Management, LLC.) is looking for a

Digital Forensics Analyst/Incident Responder. The role will work closely with Government counterparts to provide support in cybersecurity incident response, mitigation, analysis, & information dissemination. Provide analysts Tier 3 support, systems, and network forensic investigation support for the Security Operations Center (SOC) activities. Work as a technical leader within the State of Maryland DoIT SOC & responsible for maintaining the integrity of the cybersecurity related analysis. This role will be responsible for performing the following tasks:

Duties and Responsibilities:
  • Report to Director of Security Operations or his/her designee
  • Provide SOC Analyst Tier 3 escalation support
  • Plan, initiate, and conduct investigations for cybersecurity incidents response efforts
  • Perform forensic examinations on compromised systems
  • Understand and use forensic tools and techniques for cybersecurity incidents
  • Create forensic root cause and scope of impact analysis reports
  • Contribute to technical briefings on the details of forensics exams and report
  • Provide support in conducting malware analysis of attacker tools
  • Stay current on incident response and digital forensics skills, best practices, and tools
  • Train SOC analysts on usage of SIEM tools (Splunk), and basic event analysis
  • Develop rules and tune SIEM and related tools to streamline the event analysis done by the SOC
  • Assist developing new processes and procedures for SOC monitoring
  • Monitor networks for threats from external and internal sources
  • Analyze network traffic of compromised systems and networks
  • Correlate actionable security events from various sources
  • Review threat data and develop custom detection signatures
  • Gather and analyze threat intelligence data and conduct threat hunting
  • Understand cybersecurity attacks and tactics, techniques, and procedures (TTPs) associated with advanced threats
  • Communicate clearly with Government counterparts, and SOC customers
  • Development and implementation and operational and technical incident response processes, procedure, guidance, and standards
  • Ability to work outside of regular business hours, the role may require on-call support after regular business hours or weekends.
Qualifications

Education and Years of Experience: The proposed candidate must have:
  • Bachelor's degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline and 4+ years of experience. Associate degree and/or cyber courses/certifications or 5 years of experience in directly related fields may be substituted in lieu of bachelor's degree

Required Skills/Certifications:
  • Hands-on experience with security monitoring and SIEMs tools - Splunk Enterprise Security is preferred
  • Demonstrated working knowledge of cyber forensics and incident handling best practice processes, procedures, standards, and techniques
  • Hands-on experience with forensics image capture tools i.e., FTK Imager, MAGNET ACQUIRE
  • Hands-on experience with system image/file system/registry forensics tools i.e., Encase, FTK, X-Ways, Magnet AXIOM, Sleuthkit, Access Data Registry Viewer, Registry Recon, or other)
  • Hands-on experience with PCAP analysis tools i.e., Wireshark, TCP Dump, Network Miner, Xplico, or other
  • Hands-on experience with memory forensics tools i.e., BlackLight, Volatility, SANS SIFT, Magnet RAM Capture, or FireEye Memoryze, CrowdStrike Crowd Response
  • Hands-on experience with Endpoint Detection & Response solutions - Tanium Threat Response, McAfee or other

Desired Skills/Certifications (Not Required)
  • Practical hands-on experience with static in malware analysis
  • Hands-on experience with malware anti-forensics, obfuscation, packing techniques
  • Hands-on experience with malware Analysis - Miscellaneous dynamic & static analysis tools (IDA Pro, Ghidra, OllyDBG, WinHex, HexEdit, HexDump, PeSTudio, REMux, OLEDUMP)
  • Hands-on experience with Custom Signature Creation - YARA
  • Scripting/Programming experience - Python, Perl, C, C, Go
  • Highly desired industry certifications include Certified Forensics Computer Examiner (CFCE), Computer Hacking Forensic Investigator (CHFI), GIAC Certified Forensic Examiner (GCFE), Certified Computer Examiner (CCE)
  • Relevant industry certifications such as Certified Ethical Hacker (CEH), GIAC Reverse Engineering Malware (GREM), Certified Reverse Engineering Analyst (CREA) etc.

Min. Citizenship Status Required: U.S Citizenship.

Physical Requirement(s): None.

Location: Crownsville, MD

Working at DMI DMI is a diverse, prosperous and rewarding place to work. Being part of the DMI family means we care about your wellbeing. As such, we offer a variety of perks and benefits that help meet various interests and needs, while still having the opportunity to work directly with a number of our award winning, Fortune 1000 clients. The following categories make up your DMI wellbeing:
  • Community - Blood drives, volunteering opportunities, Holiday parties, summer picnics, Tech Chef, Octoberfest just to name a few ways DMI comes together as a community.
  • Convenience/Concierge - Virtual visits through health insurance, pet insurance, commuter benefits, discount tickets for movies, travel and many other items to provide convenience.
  • Development - Annual performance management, continuing education and tuition assistance, internal job opportunities along with career enrichment and advancement to help each employee with their professional and personal development.
  • Financial - Generous 401k match for both pre-tax and post-tax (ROTH) contributions along with financial wellness education, EAP, Life Insurance and Disability help provide financial stability for each DMI employee.
  • Recognition - Great achievements do not go unnoticed by DMI through Annual Awards ceremony, service anniversaries, peer-to-peer acknowledgement through Give-A-Wow, employee referral bonuses.
  • Wellness - Healthcare benefits, Wellness programs, Flu Shots, Biometric screenings, on-site lactation rooms provide employees with several wellness options.
Employees are valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company. The company does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans, and to treat qualified individuals without discrimination on the basis of their physical or mental disability or veteran status. DMI is an Equal Opportunity Employer Minority/Female/Veterans/Disability. DMI maintains a drug-free workplace. No Agencies Please Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.

Vacancy expired!


Report job