Computer Forensic Intrusion Analyst
Date Available: Immediate
Number of openings: 1
Location: Colorado Springs, CO or Aberdeen, MD
S2Technologies is seeking a skilled Computer Forensic and Intrusion Analyst to support our customer in the continued development and implementation of Defensive Cyberspace Operations (DCO). The successful candidate will utilize their expertise providing Tier II technical support for external and internal customers.
Job Responsibilities:
- Oversee and monitor performance of the DCO environment and take steps to resolve issues
- Work individually and actively participate in integrated teams, providing detailed documentation on issues/actions/resolutions
- Research, develop, and implement DCO solutions into the current architecture
- Identify risks, issues, and interdependencies between system elements, contracts, and stakeholders
- Execute DCO tool queries, initiate initial response procedures, preserve forensic evidence, and encapsulate suspected malware and CDS transfer failures using the formats specified by the customer
- Collect and report metrics on the DCO environment
- Maintain familiarity with changing system requirements and draft appropriate Deficiency Reports (DR), Problem Reports (PR), and/or Engineering Change Requests (ECR) as well as assist with the modifications
- Monitor, analyze, and detect cyber events for DCO situational awareness, attack sensing, and warning, including incident reporting
- Maintain knowledge of the most recent cyber events to enable the development of notifications/alerts
- Understand and identify potential threats and filter log noise created by the applications and data flows
- Deploy, configure, and maintain the virtual environment. Perform system administration of physical servers and virtual machines
- Isolate and resolve hardware and software problems involving applications, operating systems, hardware, or any combination thereof
Experience:
- 4+ years of experience in a helpdesk support position
- Working knowledge of IT security principles and methods (i.e. firewalls, demilitarized zones, and encryption)
- Working knowledge of networking protocols, operating systems, and technology standards
- Working knowledge of SIEM tools, Elastic Cloud Enterprise, Logstash, Kibana, Kafka, and CDS concepts
- Experience with Microsoft enterprise applications, servers, and Windows client machines
- Experience with Linux and Windows platforms
- Experience with Unix/Linux shell scripts, regular expressions, VMware, ESXi, and Docker
- Experience identifying, investigating, and troubleshooting cyber events
Education:
- Bachelor's Degree
Certifications:
- IAT-II Certification
Security Clearance:
- Top-Secret w/SCI Eligibility preferred
Other Position Requirements:
S2Technologies is an equal-opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.