Job title: Host Cyber Forensics 3
Company: Farfield Systems
Job description:
Farfield will assist the Federal staff within the Cybersecurity and Infrastructure Protection Agency (CISA) Hunt and Incident Response Team (HIRT), and National Cybersecurity and Assessment and Technical Services (NCATS) branches, with a broad set of support functions.

The Hunt and Incident Response Team is DHS’s front line when responding to cyber incidents and proactively hunting for malicious cyber activity. HIRT leverages world-class expertise to lead response, containment, remediation, and asset recovery efforts with its constituents and partners. HIRT provides two primary functions to its customer. First, HIRT serves as DHS’s primary operations arm in the execution of the asset response mission delegated to DHS. When any civilian Government agency or critical asset owner operator experiences a cyber-attack, HIRT can provide remote and onsite advanced technical assistance. Second, HIRT also can be called upon to proactively identify malicious activity, otherwise known as a “hunt”, specifically focusing on identifying threats from sophisticated threat actors that are often undetected, and in situations beyond the capacity and capability of traditional cyber security tools and techniques.
*** Requires a Top Secret/SCI clearance and U.S. Citizenship***
We look for experience with:
MITRE ATT&CK; Windows Event IDs; familiarity with Linux and Windows artifacts and interpretation; network topologies/architecture; basic malware analysis; Incident Response and threat hunting (at scale); Advanced Persistent Threats (APTs) tactics, techniques and protocols (TTPs); computer forensics, Digital Forensics, Memory Forensics, Red/Blue/Purple Team.
- Splunk use is a must. Splunk certs are great. Operational use is key
- 5-7 years of experience with relevant bachelor’s and experience
- 7-9 years of experience with high school diploma and relevant experience
- Demonstrated use with: FTK, EnCase, Axiom, X-Ways, Autopsy, SIFT, Mandiant HX, FireEye, SOF-ELK, Moloch, Wireshark, Network Miner, NetWitness, CyberChef, Corelight, Zeek, Bro IDS, Security Onion, ArcSight
Farfield Systems will provide reasonable accommodations to applicants who are unable to utilize our online application system due to a disability. Please send your request to [email protected] or call us for assistance at 410-874-9363.
Farfield Systems is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Location: Arlington, VA
Job date: Wed, 21 Sep 2022 04:12:26 GMT