VariQ

  • Incident Response Analyst

    Job Locations US-DC
    Job ID
    2019-3391
    # of Openings
    1
    Category
    IT Security
    Clearance
    Public Trust
    Work Authorization
    US Citizens, preferred
  • Overview

    VariQ has an exciting opportunity for a highly qualified Incident Response Analyst to support the Office of the Comptroller of the Currency (OCC) within the Department of the Treasury in Washington, DC.

     

    Additional Information:

    • Location: 400 7th St., SW Washington, DC 20024
    • Salary: Dependent upon experience
    • Security Clearance: Public Trust (US Citizenship required)
    • Available: ASAP

    Responsibilities

    • Perform incident response (IR) activities using OCC security tools, including a variety of open-source tools,
    • Recommend new and innovative investigation technologies to enhance the customer’s existing capabilities,
    • Examine and analyze electronic media to produce detailed findings reports, written clearly enough that they could be used in legal cases when required,
    • Perform detailed analysis of events during the incident lifecycle, combining sound analytical skills with an advanced knowledge of security threats,
    • Participate in knowledge-sharing with the team, and write technical articles based on investigative analysis performed for internal knowledge bases,
    • Conduct ongoing malware analysis, including reverse engineering on adware, backdoors, rootkits, spyware, trojans, viruses, and worms affecting various OCC assets, and
    • Assist personnel in identifying observable criteria, features, or traits that the personnel can use to identify the presence of malware on the network.

    Qualifications

    • Strong verbal and written communications skills
    • Expert knowledge of policies, procedures, and protocols of a government Security Operations Center (SOC) with emphasis on incident response and forensic network analysis, and
    • Demonstrated experience leveraging data points from the following (or equivalent) enterprise security tools to support incident response activities while performing cyber investigations:
      • McAfee IDS/IPS,
      • McAfee Enterprise Antivirus,
      • Symantec Endpoint Protection,
      • Forescout CounterACT,
      • BlueCoat,
      • Symantec Data Loss Prevention (DLP),
      • Mandiant/FireEye,
      • Guardian MDB Protect,
      • Cisco firewalls,
      • Imperva web application firewalls (WAF),
      • QualysGuard,
      • AppScan,
      • McAfee Enterprise Security Manager, and
      • Splunk (or similar) tools.

     

    Minimum Requirements:

    • 3+ years of experience handling incident response and forensic analysis in large/complex enterprises

     

    Education:

    • Bachelor of Science in Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area (or 10+ years of overall experience in lieu of a degree). 

     

    Certifications:

    At least one of the following:

    • Certified Information Systems Security Professional (CISSP), or
    • SANS (any): GCIH, GCFE, GCFA, GREM, GPEN, GWAPT, GXPN, or
    • Certified Computer Examiner (CCE), or
    • Certified Computer Forensic Examiner (CCFE), or
    • Security+, or
    • Network+

     

    Preferred Qualifications:

    • Experience with incident handling and threat intelligence at the U.S. Dept of Treasury, or
    • Previous incident handling and threat intelligence experience at a Federal agency of similar size, scope, and complexity.

     

     

    VariQ is an equal opportunity employer.

     
