Logo
ARGO Cyber Systems, LLC

Host Based Cyber Systems Analyst IV

ARGO Cyber Systems, LLC, Arlington, Virginia, United States, 22201


The DHS's Hunt and Incident Response Team (HIRT) secures the Nation's cyber and communications infrastructure.

HIRT provides DHS's front line response for cyber incidents and proactively hunting for malicious cyber activity.

Argo Cyber Systems is a key partner to DHS, and performs HIRT investigations to develop a preliminary diagnosis of the severity of breaches.

Argo provides HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Contract personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. Raytheon Technologies Intelligence & Space (RIS) are seeking Host Forensics Analysts to support this critical customer mission.

Responsibilities:

Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating artifact collection operations.

Providing technical assistance on digital artifacts collection/triage matters and forensic investigative techniques to appropriate personnel when necessary.

Writing in-depth reports, supporting with peer reviews and providing quality assurance reviews for junior personnel.

Supporting forensic analysis and mentoring/providing guidance to others on data collection, analysis and reporting in support of onsite engagements.

Assisting with leading and coordinating forensic teams in preliminary investigation.

Planning, coordinating and directing the inventory, examination and comprehensive technical analysis of computer related evidence.

Distilling analytic findings into executive summaries and in-depth technical reports.

Serving as technical forensics liaison to stakeholders and explaining investigation details to include forensic methodologies and protocols.

Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement.

Evaluating, extracting and analyzing suspected malicious code.

Characterizing and analyzing artifacts to identify anomalous activity and potential threats to resources.

Performing event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.

Analyzing identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.

Required Skills:

U.S. Citizenship.

Must have an active TS/SCI clearance.

Must be able to obtain DHS Suitability.

8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools.

Ability to create forensically sound duplicates of evidence (forensic images).

Able to write cyber investigative reports documenting digital forensics findings.

Experience with the analysis and characterization of cyber attacks.

Skilled in identifying different classes of attacks and attack stages.

Knowledge of system and application security threats and vulnerabilities.

Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources.

Must be able to work collaboratively across physical locations.

Desired Skills:

Experience with or knowledge of two or more of the following tools: EnCase, FTK, SIFT, X-Ways, Volatility, WireShark, Sleuth Kit/Autopsy, Splunk, Snort, Other EDR Tools (Crowdstrike, Carbon Black, Etc).

Proficiency with conducting all-source research.

Required Education:

BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics experience.

Desired Certifications:

GCFA, GCFE, EnCE, CCE, CFCE, CISSP.

#J-18808-Ljbffr