Job Information
RedTrace Technologies Inc Digital Forensic Incident Response (DFIR) Analyst - Mid Level (TS required, eligible for SCI) in Washington, District Of Columbia
SECURITY CLEARANCE REQUIREMENT: TS, WITH SCI ELIGIBILITY
POSITION REQUIRES US CITIZENSHIP
Company Overview: As a Cybersecurity, Information Technology, and Management Consulting firm focused on assisting our commercial and U.S. Intelligence Community clients proactively mitigate threats, RedTrace Technologies is seeking talented and innovative team members to join us in support of an exciting information operations, intelligence analysis, and cybersecurity requirement. Candidate must be a US citizen and have an active Top Secret Clearance with eligibility to obtain SCI and obtain and maintain a CI Poly.
Position Description:
DFIR Analyst is responsible for preventing the escalation of severe security threats and providing reports to the security team. This position utilizes tools to minimize the effects of a security breach on the computer network and performs an analysis to ensure that computer networks are clear of threats.
Roles and Responsibilities:
Conduct full range of advanced professional duties required to monitor network activity, document and report on information security issues and emerging trends
Provide threat and vulnerability analysis
Monitor endpoint protection/detection for anomalies using designated escalation paths for remediation
Review and monitor Security Information and Event Management (SIEM) log data for unauthorized access and initiate investigations if necessary
Perform malware threat hunting using industry-leading products and applications
Participate in developing security strategies
In addition, the DFIR Analyst shall:
Perform against established operational rhythm, expectations, and standards for Security Operations Center (SOC) DFIR line of effort
Be part of the 24x7 operations of the FBI ESOC
Perform advance incident handling responsibilities with direct interface with ESOC management team
Identify areas of improvement for SOC processes and tools to enhance the mission
Basic Qualifications:
MUST BE A US CITIZEN
Bachelor's degree
TS clearance (eligibility to obtain SCI and pass CI poly)
5+ years of experience with crisis management, incident response, strategic communications, or risk management
5+ years of experience with supporting facilitation of trainings or briefing sessions
Adept knowledge of cybersecurity and incident response principles, crisis management and emergency management principles
Ability to leverage available learning resources, both internal and external
Experience with advanced Microsoft Office products
Ability to work within a highly collaborative, fast-paced, dynamic environment
Possession of excellent verbal and written communication skills
Possession of excellent interpersonal skills, including client management skills
Strong IR and Digital forensics experience, and cloud experience is preferred
Additional Qualifications:
The ideal candidate will have experience with four or more of the items below:
Splunk Search Processing Language (SPL)
Microsoft Defender for Endpoint (MDE)
Microsoft Azure Sentinel
Kusto Query Language (KQL)
Linux Bash
PowerShell/CMD
Networking - intermediate level knowledge of computer networking
Type 2 Hypervisor software such as VMware Workstation Pro, VirtualBox, Hyper-V
Comfortable using various distributions of Linux
Employee Benefits:
Competitive salary for well qualified applicants
401(k) plan
Annual performance bonus
Certification and advanced degree attainment bonuses
Student Loan / Tuition reimbursement
Health Care Insurance (medical, dental, vision)
Up to four weeks of paid vacation
11 Federal Holidays, and 3 Floating Holidays
Team bonding events
RedTrace Technologies is an EOE employer.
Powered by JazzHR