Seeking an Incident Response / Counter-Intelligence Subject Matter Expert to identify, assess, control, and manage cyber risk throughout a major federal agency. The Incident Response / Counter-Intelligence Subject Matter Expert is responsible for protecting data assets when a cyber-security incident occurs. The Incident Response / Counter-Intelligence Subject Matter Expert will perform a detailed forensics-level sweep of infrastructure involved in the cyber-security incident. The Incident Response / Counter-Intelligence Subject Matter Expert will launch countermeasures to gain intelligence on the cyber-security incident perpetrator(s).
- Performs analysis of advanced persistent threats by analyzing computers, user communications, networks, servers, and other infrastructure using forensic tools.
- Conducts forensic analysis of the incident and reverse engineers the root cause of the threat. Recommends countermeasures based on identified patterns used by perpetrators.
- Delivers written and oral briefings of the incident.
- Ability to forensically analyze systems for evidence of compromise
- Knowledge of forensic artifacts
- Experience hunting threat actors in large enterprise networks
- Analyze and/or decipher packet captures from network protocol analyzers
- Demonstrate an understanding of the behavior, security risks and controls of common network protocols
- Possess an understanding of techniques and practices used to encode and encrypt common network traffic and common attacks on these controls
- Familiarity with the tools and techniques required to analyze & reverse diverse protocols and data traversing a network environment
- Demonstrate an understanding of the architecture, deployment, benefits, and weaknesses of network security proxies, common log formats and flow of data in a wired or wireless network environment
- Proficient in writing a cohesive narrative around packet analysis for a technical and non-technical audience
- Understanding of risk management and how it impacts organizational security posture
- Advanced understanding of information security governance concepts, including familiarity with elements of cyber-security incident response plans, and incident response management and lifecycle
- Active Top Secret (TS) / Sensitive Compartmented Information (SCI) Level
- Bachelor’s or master’s degree is preferred
- Minimum 10 years’ experience in the cyber-security field working with federal agencies.
- Minimum 5 years of experience in cyber threat analysis/intelligence analysis including network security, computer forensics, static code analysis, advanced network packet analysis and malicious code analysis.
- Knowledge of cyber-security incident management processes across large federal agencies.
- One or more of the following certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), Certified Ethical Hacker (CEH), EnCase Certified Examiner (EnCE)
- Strong documentation skills, attention to detail, and critical/innovative thinking.
- Strong internal and external verbal and written communication skills.
- Excellent oral and written communication skills to communicate with senior agency management.
- Ability to prioritize and perform multiple tasks on short notice within established deadlines
- Ability to solve problems and willingness to work with engineering and other support teams.
We are growing our business on a culture of employee engagement. If you are a team-centric, creative professional seeking a challenging and fulfilling career, come grow with us!
SNAP Inc. provides professional services that empower Government and private industry clients to address tomorrow’s challenges through better alignment of technology with their mission and business objectives. Employees of SNAP Inc. receive Paid Leave, Medical and Dental coverage (employee coverage is paid 100% by the company; dependents 50%), Life and Disability Coverage, and other benefits.