Gray Tier Technologies LLC
Host Based Systems Analyst
Gray Tier Technologies LLC, State Farm, Virginia, United States, 23160
CORE COMPETENCIES: Uses leading edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions Follows proper evidence handling procedures and chain of custody protocols Produces written reports documenting digital forensic findings Determines programs that have been executed, finds files that have been changed on disk and in memory Uses timestamps and logs (host and network) to develop authoritative timelines of activity Finds evidence of deleted files and hidden data Identifies and documents case relevant file-system artifacts (browser histories, account usage and USB histories, etc.) Creates forensically sound duplicates of evidence (forensic image) to use for data recovery and analysis Performs all-source research for similar or related network events or incidents Skill in identifying different classes of attacks and attack stages Knowledge of system and application security threats and vulnerabilities Knowledge in proactive analysis of systems and networks, to include creating trust levels of critical resources REQUIREMENTS (7-9 years host investigations or digital forensics experience with a High school diploma; or a Bachelor's degree in a technical discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline, and with 5-7 years of host-based investigations or digital forensics experience) Proficiency level III includes all skills defined at level II in addition to the following: Assists with leading and coordinating forensic teams in preliminary investigation Plans, coordinates and directs the inventory, examination and comprehensive technical analysis of computer related evidence Distills analytic findings into executive summaries and in-depth technical reports Serves as technical forensics liaison to stakeholders and explains investigation details to include forensic methodologies and protocols Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement Evaluates, extracts and analyzes suspected malicious code