VariQ

  • Incident Response Analyst

    Job Locations: US-DC
    Job ID: 2019-3391
    # of Openings: 1
    Category: IT Security
    Clearance: Public Trust
    Work Authorization: US Citizens, preferred
  • Overview

    VariQ has an exciting opportunity for a highly qualified Incident Response Analyst to support the Office of the Comptroller of the Currency (OCC) within the Department of the Treasury in Washington, DC.


    Additional Information:

    • Location: 400 7th St., SW Washington, DC 20024
    • Salary: Dependent upon experience
    • Security Clearance: Public Trust (US Citizenship required)
    • Available: ASAP

    Responsibilities

    • Perform incident response activities using OCC security tools, including a variety of open-source tools.
    • Recommend new and innovative investigative technologies to enhance customer’s existing capability.
    • Use forensic tools such as EnCase, Forensic Toolkit (FTK), and FireEye Redline to examine and analyze electronic media and produce a report of findings detailed and clear enough to be used in a legal case when required.
    • Perform detailed analysis of events during the incident response process, combining sound analytical skills with advanced knowledge of IT security threats.
    • Participate in knowledge-sharing across the CDC and write technical articles based on investigative analysis performed for internal knowledge bases.
    • Conduct malware analysis using Cuckoo Sandbox in order to understand and reverse engineer various malware samples that may potentially be found on OCC devices.
    • Complete periodic Wi-Fi scans of the OCC Headquarters to identify and report discovered rogue access points.
    • Assist personnel in identifying observable criteria, features, or traits that the personnel can use to identify the presence of malware on the network.

    Qualifications

    • Expert knowledge of policies, procedures, and protocols of a government Security Operations Center with emphasis on incident response and forensic analysis.
    • Demonstrated experience leveraging data points from various security tools to support incident response activities and perform cyber investigations: McAfee IDS/IPS, Imperva Web Application Firewalls, Symantec Endpoint Security, BlueCoat Proxy, FireEye Endpoint Security (HX), FireEye Redline, Cisco firewalls, ForeScout CounterACT, StealthINTERCEPT, Cuckoo Sandbox, Splunk, FTK Imager, EnCase, Passware, Hashcat, and John the Ripper.
    • Ability to make technology recommendations to enhance an enterprise incident response capability.


    Minimum Requirements:

    • Minimum of 3 years of experience as a subject matter expert / forensic analyst handling incident response and forensic analysis in large / complex enterprise networks.


    Education:

    • Bachelor of Science in Computer Science, Systems Engineering, Cybersecurity, Information Technology, or a related area.


    Certifications:

    • Mandatory (Either will suffice):
      • CompTIA Security+
      • CompTIA Network+
    • Preferred (Any will suffice, but must be obtained within the first year of the start date):
      • Certified Computer Examiner (CCE)
      • Certified Computer Forensic Examiner (CCFE)
      • CISSP, GCIH, GCFE, GCFA, GREM, GPEN, GWAPT, GXPN


    Preferred Qualifications:

    • Experience at the U.S. Department of Treasury.
    • Previous incident handling and threat intelligence experience at a Federal agency similar in size, scope, and complexity.
    • Familiarity with scripting languages for more advanced usage, automation, and correlation of security tools through exposed REST / SOAP APIs.


    VariQ is an equal opportunity employer.
