Farfield Systems – Host Cyber Forensics 3 – Arlington, VA

September 12, 2023

Job Description



Job title: Host Cyber Forensics 3

Company: Farfield Systems



Farfield will assist the Federal staff within the Cybersecurity and Infrastructure Protection Agency (CISA) Hunt and Incident Response Team (HIRT), and National Cybersecurity and Assessment and Technical Services (NCATS) branches, with a broad set of support functions. The Hunt and Incident Response Team is DHS’s front line when responding to cyber incidents and proactively hunting for malicious cyber activity. HIRT leverages world-class expertise to lead response, containment, remediation, and asset recovery efforts with its constituents and partners. HIRT provides two primary functions to its customer. First, HIRT serves as DHS’s primary operations arm in the execution of the asset response mission delegated to DHS.

When any civilian Government agency or critical asset owner operator experiences a cyber-attack, HIRT can provide remote and onsite advanced technical assistance. Second, HIRT also can be called upon to proactively identify malicious activity, otherwise known as a “hunt”, specifically focusing on identifying threats from sophisticated threat actors that are often undetected, and in situations beyond the capacity and capability of traditional cyber security tools and techniques.

*** Requires a Top Secret/SCI clearance and U.S. Citizenship***

We look for experience with:

MITRE ATT&CK; Windows Event IDs; familiarity with Linux and Windows artifacts and interpretation; network topologies/architecture; basic malware analysis; Incident Response and threat hunting (at scale); Advanced Persistent Threats (APTs) tactics, techniques and protocols (TTPs); computer forensics, Digital Forensics, Memory Forensics, Red/Blue/Purple Team.

Basic Qualifications:

  • Splunk use is a must. Splunk certs are great. Operational use is key
  • 5-7 years of experience with relevant bachelor’s and experience
  • 7-9 years of experience with high school diploma and relevant experience
  • CHFI
  • GCFE
  • GCIH
  • Demonstrated use with: FTK, EnCase, Axiom, X-Ways, Autopsy, SIFT, Mandiant HX, FireEye, SOF-ELK, Moloch, Wireshark, Network Miner, NetWitness, CyberChef, Corelight, Zeek, Bro IDS, Security Onion, ArcSight

Desired Qualifications:

  • PowerShell
  • Python

Farfield Systems will provide reasonable accommodations to applicants who are unable to utilize our online application system due to a disability. Please send your request to [email protected] or call us for assistance at 410-874-9363.

Farfield Systems is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.


Location: Arlington, VA



