Forensic Cyber Security Engineer Job in Grove City, Ohio US

Forensic Cyber Security Engineer

Sawdey Solution Services - Grove City, OH

Posted: 1/23/2021 - Expires: 4/23/2021

Job ID: 223777220



Job Description

Title

Forensic Cyber Security Engineer 

Description

The Forensic Cyber Security Engineer will perform a variety of routine project tasks applied to specialized cyber security problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to cyber security requirements. Analyzes information security requirements. Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. Provides security engineering support for planning, design, development, testing, demonstration, and integration of information systems.

Additional Responsibilities Include, but are not Limited To:

Forensics Analysis

Act as the point on all shifts to perform forensics analysis on endpoint devices discovered during the course of an incident.

Recommend equipment and software to enhance DLA CERT’s forensics analysis capability.

Maintain SOPs for performing forensics on endpoint devices.

Ensure forensically sound acquisition and preservation of data.

Develop forensics analysis reports to be included in CERT incidents as well as to be shared with the CSSP community at large as appropriate. Reports will include but are not limited to:

Indicators of Compromise discovered

Details of files reviewed during analysis and artifacts discovered

Recommended mitigations

Conclusion from findings

Associated Incident Information

Contribute to After Action Reports for DLA CERT incidents regarding malware.

Generate Lessons Learned relating to malware analysis and reporting in accordance with DLA CERT SOPs.

Malware Analysis

Act as the Subject Matter Expert (SME) on all shifts to perform analysis of malware discovered during the course of an incident.

Maintain the malware lab used by DLA CERT.

Maintain SOPs for the use of the malware lab and performing malware analysis.

Develop malware analysis reports to be included in CERT Incidents as well as to be shared with the CSSP community at large. Reports will include, but are not limited to:

Indicators of Compromise

Screenshots showing execution of malware

Explanation of malware execution steps

Threat level

Recommended mitigations

Associated Incident information

Contribute to After Action Reports for DLA CERT incidents regarding malware.

Generate Lessons Learned relating to malware analysis and reporting in accordance with DLA CERT SOPs.

Assist with proposal development, if necessary.

Perform other duties, as assigned.

Position Requirements

Experience:

Seven (7) years of relevant IT experience.

Five (5) years’ experience working with a SIEM such as ArcSight ESM, Splunk or QRadar.

Three (3) years’ experience administering or troubleshooting Windows and/or Unix operating systems, both server and workstation.

Detailed knowledge of the MITRE ATT&CK framework.

Experience working with cybersecurity tools such as Tanium or Microsoft ATP.

Experience using or administering IDS such as McAfee NSM and IBM SiteProtector.

Experience scripting in Perl, Python, Ruby, Bash, or Java.

Strong understanding of Network Architecture.

Education:

Bachelor’s degree in Cyber Security or related field desired.

Certificates, Licenses, Registrations:

Must have at least one DoD 8570.01 IAT level II certification:

Cisco CCNA - Security

GIAC Global Industrial Security Professional (GICSP)

GIAC Security Essentials (GSEC)

CompTIA Security+ CE

Systems Security Certified Practitioner (SSCP)

Must have at least one DoD Cyber Security Service Provider (CSSP) Analyst certification OR be able to pass one of these in the next 6 months:

EC Council Certified Ethical Hacker (CEH)

Logical Operations Inc. Cyber Security First Responder (CFR)

CompTIA Cyber Security Analyst (CySA+)

GIAC Certified Intrusion Analyst (GCIA)

GIAC Certified Incident Handler (GCIH)

GIAC Global Industrial Cyber Security Professional (GICSP)

Cisco Cyber Security Specialty Certification (SCYBER)

CompTIA Advanced Security Practitioner (CASP)

Other Required Skills & Abilities:

Must be able to effectively communicate with the customer and fulfill all duties and responsibilities as listed in the contract.

Must be proficient in Microsoft Office suite including, but not limited to: Word, PowerPoint, Excel, and Outlook.

Must possess strong analytical and problem-solving skills.

Must possess strong oral and written communication skills.

Security Clearance: Top Secret security clearance with eligibility for an IT-1 and SCI access.

US Citizenship: This position supports a U.S. Government Contract whose terms require Sawdey Solution Services to staff it only with U.S. Citizens.

Full-Time/Part-Time

Full-Time

Req Number

INF-21-00003

Location

Columbus, OH

About the Organization

Sawdey Solution Services, Inc., with an ISO 9001/ISO 14001 certified and CMMI-SVC v1.3 Level 3 appraised corporate headquarters, has built a nationwide and global footprint providing innovative cross-disciplined professional services, engineering, and cyber solutions to Department of Defense, Department of Homeland Security, Federal Agencies, and commercial customers. Operating successfully since 2001, we are a Woman Owned/Service Disabled Veteran Owned Small Business.

EOE Statement

Sawdey Solution Services is an Equal Opportunity Employer-Disabled-Veterans-41 CFR 60-1.4 and does not discriminate against any employee or applicant because of race, age, sex, color, physical or mental disability, religion, sexual orientation, gender identity, marital status, national origin, or veteran status.




This position is currently accepting applications.












Job Summary


Employment Type:
Per Diem Employee
Job type:
Federal Contractor
Skill Based Partner:
No
Education Level:
Bachelor's degree
Work Days:
Mon, Tue, Wed, Thu, Fri
Job Reference Code
49526484
Salary
N/A
Licenses / Certifications:
N/A
Recommended WorkKeys®:
N/A